archive/jdk
1
0
Fork 0
mirror of https://github.com/openjdk/jdk.git synced 2025-08-28 07:14:30 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

8291509: Minor cleanup could be done in sun.security

Browse source 
Reviewed-by: weijun
This commit is contained in:
Mark Powers 2022-09-15 19:59:53 +00:00 committed by Weijun Wang
parent 6beeb8471c
commit 4cec141a90
298 changed files with 2650 additions and 3262 deletions
Download patch file Download diff file Expand all files Collapse all files

73
src/java.base/share/classes/sun/security/x509/AVA.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1996, 2020, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1996, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -118,7 +118,7 @@ public class AVA implements DerEncoder {
/**
* Parse an RFC 1779, 2253 or 4514 style AVA string: CN=fee fie foe fum
* or perhaps with quotes. Not all defined AVA tags are supported;
* of current note are X.400 related ones (PRMD, ADMD, etc).
* of current note are X.400 related ones (PRMD, ADMD, etc.).
*
* This terminates at unescaped AVA separators ("+") or RDN
* separators (",", ";"), and removes cosmetic whitespace at the end of
@ -145,7 +145,7 @@ public class AVA implements DerEncoder {
* Parse an AVA string formatted according to format.
*/
AVA(Reader in, int format) throws IOException {
this(in, format, Collections.<String, String>emptyMap());
this(in, format, Collections.emptyMap());
}
/**
@ -155,7 +155,7 @@ public class AVA implements DerEncoder {
* @param format parsing format
* @param keywordMap a Map where a keyword String maps to a corresponding
* OID String. Each AVA keyword will be mapped to the corresponding OID.
* If an entry does not exist, it will fallback to the builtin
* If an entry does not exist, it will fall back to the builtin
* keyword/OID mapping.
* @throws IOException if the AVA String is not valid in the specified
* format or an OID String from the keywordMap is improperly formatted
@ -304,7 +304,7 @@ public class AVA implements DerEncoder {
c = readChar(in, "Quoted string did not end in quote");
// check for embedded hex pairs
Byte hexByte = null;
Byte hexByte;
if ((hexByte = getEmbeddedHexPair(c, in)) != null) {
// always encode AVAs with embedded hex as UTF8
@ -356,7 +356,7 @@ public class AVA implements DerEncoder {
// non-PrintableString chars
if (this.oid.equals(PKCS9Attribute.EMAIL_ADDRESS_OID) ||
(this.oid.equals(X500Name.DOMAIN_COMPONENT_OID) &&
PRESERVE_OLD_DC_ENCODING == false)) {
!PRESERVE_OLD_DC_ENCODING)) {
// EmailAddress and DomainComponent must be IA5String
return new DerValue(DerValue.tag_IA5String,
temp.toString().trim());
@ -373,7 +373,7 @@ public class AVA implements DerEncoder {
List<Byte> embeddedHex = new ArrayList<>();
boolean isPrintableString = true;
boolean escape = false;
boolean escape;
boolean leadingChar = true;
int spaceCount = 0;
do {
@ -383,7 +383,7 @@ public class AVA implements DerEncoder {
c = readChar(in, "Invalid trailing backslash");
// check for embedded hex pairs
Byte hexByte = null;
Byte hexByte;
if ((hexByte = getEmbeddedHexPair(c, in)) != null) {
// always encode AVAs with embedded hex as UTF8
@ -443,9 +443,7 @@ public class AVA implements DerEncoder {
// add embedded hex bytes before next char
if (embeddedHex.size() > 0) {
// add space(s) before embedded hex bytes
for (int i = 0; i < spaceCount; i++) {
temp.append(' ');
}
temp.append(" ".repeat(spaceCount));
spaceCount = 0;
String hexString = getEmbeddedHexString(embeddedHex);
@ -455,21 +453,19 @@ public class AVA implements DerEncoder {
// check for non-PrintableString chars
isPrintableString &= DerValue.isPrintableStringChar((char)c);
if (c == ' ' && escape == false) {
if (c == ' ' && !escape) {
// do not add non-escaped spaces yet
// (non-escaped trailing spaces are ignored)
spaceCount++;
} else {
// add space(s)
for (int i = 0; i < spaceCount; i++) {
temp.append(' ');
}
temp.append(" ".repeat(spaceCount));
spaceCount = 0;
temp.append((char)c);
}
c = in.read();
leadingChar = false;
} while (isTerminator(c, format) == false);
} while (!isTerminator(c, format));
if (format == RFC2253 && spaceCount > 0) {
throw new IOException("Incorrect AVA RFC2253 format - " +
@ -487,7 +483,7 @@ public class AVA implements DerEncoder {
// non-PrintableString chars
if (this.oid.equals(PKCS9Attribute.EMAIL_ADDRESS_OID) ||
(this.oid.equals(X500Name.DOMAIN_COMPONENT_OID) &&
PRESERVE_OLD_DC_ENCODING == false)) {
!PRESERVE_OLD_DC_ENCODING)) {
// EmailAddress and DomainComponent must be IA5String
return new DerValue(DerValue.tag_IA5String, temp.toString());
} else if (isPrintableString) {
@ -548,7 +544,7 @@ public class AVA implements DerEncoder {
private static boolean trailingSpace(Reader in) throws IOException {
boolean trailing = false;
boolean trailing;
if (!in.markSupported()) {
// oh well
@ -556,7 +552,7 @@ public class AVA implements DerEncoder {
} else {
// make readAheadLimit huge -
// in practice, AVA was passed a StringReader from X500Name,
// and StringReader ignores readAheadLimit anyways
// and StringReader ignores readAheadLimit anyway
in.mark(9999);
while (true) {
int nextChar = in.read();
@ -605,10 +601,9 @@ public class AVA implements DerEncoder {
if (this == obj) {
return true;
}
if (obj instanceof AVA == false) {
if (!(obj instanceof AVA other)) {
return false;
}
AVA other = (AVA)obj;
return this.toRFC2253CanonicalString().equals
(other.toRFC2253CanonicalString());
}
@ -658,7 +653,7 @@ public class AVA implements DerEncoder {
*/
public String toString() {
return toKeywordValueString
(toKeyword(DEFAULT, Collections.<String, String>emptyMap()));
(toKeyword(DEFAULT, Collections.emptyMap()));
}
/**
@ -667,7 +662,7 @@ public class AVA implements DerEncoder {
* emits standardised keywords.
*/
public String toRFC1779String() {
return toRFC1779String(Collections.<String, String>emptyMap());
return toRFC1779String(Collections.emptyMap());
}
/**
@ -686,7 +681,7 @@ public class AVA implements DerEncoder {
* emits standardised keywords.
*/
public String toRFC2253String() {
return toRFC2253String(Collections.<String, String>emptyMap());
return toRFC2253String(Collections.emptyMap());
}
/**
@ -719,7 +714,7 @@ public class AVA implements DerEncoder {
if ((typeAndValue.charAt(0) >= '0' && typeAndValue.charAt(0) <= '9') ||
!isDerString(value, false))
{
byte[] data = null;
byte[] data;
try {
data = value.toByteArray();
} catch (IOException ie) {
@ -736,7 +731,7 @@ public class AVA implements DerEncoder {
* NOTE: this implementation only emits DirectoryStrings of the
* types returned by isDerString().
*/
String valStr = null;
String valStr;
try {
valStr = new String(value.getDataBytes(), UTF_8);
} catch (IOException ie) {
@ -839,7 +834,7 @@ public class AVA implements DerEncoder {
*/
StringBuilder typeAndValue = new StringBuilder(40);
typeAndValue.append
(toKeyword(RFC2253, Collections.<String, String>emptyMap()));
(toKeyword(RFC2253, Collections.emptyMap()));
typeAndValue.append('=');
/*
@ -854,7 +849,7 @@ public class AVA implements DerEncoder {
if ((typeAndValue.charAt(0) >= '0' && typeAndValue.charAt(0) <= '9') ||
!isDerString(value, true))
{
byte[] data = null;
byte[] data;
try {
data = value.toByteArray();
} catch (IOException ie) {
@ -871,7 +866,7 @@ public class AVA implements DerEncoder {
* NOTE: this implementation only emits DirectoryStrings of the
* types returned by isDerString().
*/
String valStr = null;
String valStr;
try {
valStr = new String(value.getDataBytes(), UTF_8);
} catch (IOException ie) {
@ -917,13 +912,12 @@ public class AVA implements DerEncoder {
previousWhite = false;
sbuffer.append(c);
} else {
if (previousWhite == false) {
if (!previousWhite) {
// add single whitespace
previousWhite = true;
sbuffer.append(c);
} else {
// ignore subsequent consecutive whitespace
continue;
}
}
@ -1115,9 +1109,10 @@ class AVAKeyword {
private static final Map<ObjectIdentifier,AVAKeyword> oidMap;
private static final Map<String,AVAKeyword> keywordMap;
private String keyword;
private ObjectIdentifier oid;
private boolean rfc1779Compliant, rfc2253Compliant;
private final String keyword;
private final ObjectIdentifier oid;
private final boolean rfc1779Compliant;
private final boolean rfc2253Compliant;
private AVAKeyword(String keyword, ObjectIdentifier oid,
boolean rfc1779Compliant, boolean rfc2253Compliant) {
@ -1151,7 +1146,7 @@ class AVAKeyword {
*
* @param keywordMap a Map where a keyword String maps to a corresponding
* OID String. Each AVA keyword will be mapped to the corresponding OID.
* If an entry does not exist, it will fallback to the builtin
* If an entry does not exist, it will fall back to the builtin
* keyword/OID mapping.
* @throws IOException If the keyword is not valid in the specified standard
* or the OID String to which a keyword maps to is improperly formatted.
@ -1194,7 +1189,7 @@ class AVAKeyword {
number = true;
}
}
if (number == false) {
if (!number) {
throw new IOException("Invalid keyword \"" + keyword + "\"");
}
return ObjectIdentifier.of(keyword);
@ -1207,7 +1202,7 @@ class AVAKeyword {
*/
static String getKeyword(ObjectIdentifier oid, int standard) {
return getKeyword
(oid, standard, Collections.<String, String>emptyMap());
(oid, standard, Collections.emptyMap());
}
/**
@ -1267,8 +1262,8 @@ class AVAKeyword {
}
static {
oidMap = new HashMap<ObjectIdentifier,AVAKeyword>();
keywordMap = new HashMap<String,AVAKeyword>();
oidMap = new HashMap<>();
keywordMap = new HashMap<>();
// NOTE if multiple keywords are available for one OID, order
// is significant!! Preferred *LAST*.

6
src/java.base/share/classes/sun/security/x509/AccessDescription.java
View file

@ -37,9 +37,9 @@ public final class AccessDescription {
private int myhash = -1;
private ObjectIdentifier accessMethod;
private final ObjectIdentifier accessMethod;
private GeneralName accessLocation;
private final GeneralName accessLocation;
public static final ObjectIdentifier Ad_OCSP_Id =
ObjectIdentifier.of(KnownOIDs.OCSP);
@ -99,7 +99,7 @@ public final class AccessDescription {
}
public String toString() {
String method = null;
String method;
if (accessMethod.equals(Ad_CAISSUERS_Id)) {
method = "caIssuers";
} else if (accessMethod.equals(Ad_CAREPOSITORY_Id)) {

14
src/java.base/share/classes/sun/security/x509/AlgorithmId.java
View file

@ -253,7 +253,7 @@ public class AlgorithmId implements Serializable, DerEncoder {
* to a string and used as part of an algorithm name, for example
* "OID.1.3.14.3.2.13" style notation. Use the <code>getName</code>
* call when you do not need to ensure cross-system portability
* of algorithm names, or need a user friendly name.
* of algorithm names, or need a user-friendly name.
*/
public final ObjectIdentifier getOID () {
return algid;
@ -308,11 +308,7 @@ public class AlgorithmId implements Serializable, DerEncoder {
return o.stdName();
} else {
String n = aliasOidsTable().get(oidStr);
if (n != null) {
return n;
} else {
return algid.toString();
}
return (n != null) ? n : algid.toString();
}
}
@ -346,7 +342,7 @@ public class AlgorithmId implements Serializable, DerEncoder {
* with the same parameters.
*/
public boolean equals(AlgorithmId other) {
return algid.equals((Object)other.algid) &&
return algid.equals(other.algid) &&
Arrays.equals(encodedParams, other.encodedParams);
}
@ -555,7 +551,7 @@ public class AlgorithmId implements Serializable, DerEncoder {
}
}
// oid string cache index'ed by algorithm name and oid strings
// oid string cache indexed by algorithm name and oid strings
private static volatile Map<String,String> aliasOidsTable;
// called by sun.security.jca.Providers whenever provider list is changed
@ -565,7 +561,7 @@ public class AlgorithmId implements Serializable, DerEncoder {
// returns the aliasOidsTable, lazily initializing it on first access.
private static Map<String,String> aliasOidsTable() {
// Double checked locking; safe because aliasOidsTable is volatile
// Double-checked locking; safe because aliasOidsTable is volatile
Map<String,String> tab = aliasOidsTable;
if (tab == null) {
synchronized (AlgorithmId.class) {

3
src/java.base/share/classes/sun/security/x509/AttributeNameEnumeration.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1997, 2019, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1997, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -26,7 +26,6 @@
package sun.security.x509;
import java.util.Vector;
import java.util.Enumeration;
/**
* <p>This class provides the Enumeration implementation used

6
src/java.base/share/classes/sun/security/x509/AuthorityInfoAccessExtension.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2004, 2014, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2004, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -121,7 +121,7 @@ public class AuthorityInfoAccessExtension extends Extension
throw new IOException("Invalid encoding for " +
"AuthorityInfoAccessExtension.");
}
accessDescriptions = new ArrayList<AccessDescription>();
accessDescriptions = new ArrayList<>();
while (val.data.available() != 0) {
DerValue seq = val.data.getDerValue();
AccessDescription accessDescription = new AccessDescription(seq);
@ -196,7 +196,7 @@ public class AuthorityInfoAccessExtension extends Extension
*/
public void delete(String name) throws IOException {
if (name.equalsIgnoreCase(DESCRIPTIONS)) {
accessDescriptions = new ArrayList<AccessDescription>();
accessDescriptions = new ArrayList<>();
} else {
throw new IOException("Attribute name [" + name +
"] not recognized by " +

10
src/java.base/share/classes/sun/security/x509/BasicConstraintsExtension.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1997, 2021, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1997, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -74,7 +74,7 @@ implements CertAttrSet<String> {
DerOutputStream tmp = new DerOutputStream();
if (ca) {
tmp.putBoolean(ca);
tmp.putBoolean(true);
// Only encode pathLen when ca == true
if (pathLen >= 0) {
tmp.putInteger(pathLen);
@ -194,11 +194,7 @@ implements CertAttrSet<String> {
DerOutputStream tmp = new DerOutputStream();
if (extensionValue == null) {
this.extensionId = PKIXExtensions.BasicConstraints_Id;
if (ca) {
critical = true;
} else {
critical = false;
}
critical = ca;
encodeThis();
}
super.encode(tmp);

8
src/java.base/share/classes/sun/security/x509/CRLDistributionPointsExtension.java
View file

@ -57,7 +57,7 @@ import sun.security.util.ObjectIdentifier;
* the scheme-specific-part may be case-sensitive. When comparing
* URIs, conforming implementations MUST compare the scheme and host
* without regard to case, but assume the remainder of the
* scheme-specific-part is case sensitive. Processing rules for other
* scheme-specific-part is case-sensitive. Processing rules for other
* values are not defined by this specification. If the
* distributionPoint omits reasons, the CRL MUST include revocations
* for all reasons. If the distributionPoint omits cRLIssuer, the CRL
@ -101,7 +101,7 @@ public class CRLDistributionPointsExtension extends Extension
*/
private List<DistributionPoint> distributionPoints;
private String extensionName;
private final String extensionName;
/**
* Create a CRLDistributionPointsExtension from a List of
@ -177,7 +177,7 @@ public class CRLDistributionPointsExtension extends Extension
throw new IOException("Invalid encoding for " + extensionName +
" extension.");
}
distributionPoints = new ArrayList<DistributionPoint>();
distributionPoints = new ArrayList<>();
while (val.data.available() != 0) {
DerValue seq = val.data.getDerValue();
DistributionPoint point = new DistributionPoint(seq);
@ -257,7 +257,7 @@ public class CRLDistributionPointsExtension extends Extension
public void delete(String name) throws IOException {
if (name.equalsIgnoreCase(POINTS)) {
distributionPoints =
Collections.<DistributionPoint>emptyList();
Collections.emptyList();
} else {
throw new IOException("Attribute name [" + name +
"] not recognized by " +

4
src/java.base/share/classes/sun/security/x509/CRLExtensions.java
View file

@ -63,8 +63,8 @@ import sun.security.util.*;
*/
public class CRLExtensions {
private Map<String,Extension> map = Collections.synchronizedMap(
new TreeMap<String,Extension>());
private final Map<String,Extension> map = Collections.synchronizedMap(
new TreeMap<>());
private boolean unsupportedCritExt = false;
/**

6
src/java.base/share/classes/sun/security/x509/CRLNumberExtension.java
View file

@ -56,9 +56,9 @@ implements CertAttrSet<String> {
private static final String LABEL = "CRL Number";
private BigInteger crlNumber = null;
private String extensionName;
private String extensionLabel;
private BigInteger crlNumber;
private final String extensionName;
private final String extensionLabel;
// Encode this extension value
private void encodeThis() throws IOException {

4
src/java.base/share/classes/sun/security/x509/CRLReasonCodeExtension.java
View file

@ -49,9 +49,9 @@ public class CRLReasonCodeExtension extends Extension
public static final String NAME = "CRLReasonCode";
public static final String REASON = "reason";
private static CRLReason[] values = CRLReason.values();
private static final CRLReason[] values = CRLReason.values();
private int reasonCode = 0;
private int reasonCode;
private void encodeThis() throws IOException {
if (reasonCode == 0) {

7
src/java.base/share/classes/sun/security/x509/CertException.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1996, 2019, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1996, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -82,8 +82,8 @@ public class CertException extends SecurityException {
public static final int err_ENCODING = 12;
// Private data members
private int verfCode;
private String moreData;
private final int verfCode;
private final String moreData;
/**
@ -104,6 +104,7 @@ public class CertException extends SecurityException {
public CertException(int code)
{
verfCode = code;
moreData = null;;
}
/**

21
src/java.base/share/classes/sun/security/x509/CertificateExtensions.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1997, 2021, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1997, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -54,8 +54,8 @@ public class CertificateExtensions implements CertAttrSet<Extension> {
private static final Debug debug = Debug.getInstance("x509");
private Map<String,Extension> map = Collections.synchronizedMap(
new TreeMap<String,Extension>());
private final Map<String,Extension> map = Collections.synchronizedMap(
new TreeMap<>());
private boolean unsupportedCritExt = false;
private Map<String,Extension> unparseableExtensions;
@ -86,7 +86,7 @@ public class CertificateExtensions implements CertAttrSet<Extension> {
}
}
private static Class<?>[] PARAMS = {Boolean.class, Object.class};
private static final Class<?>[] PARAMS = {Boolean.class, Object.class};
// Parse the encoded extension
private void parseExtension(Extension ext) throws IOException {
@ -112,10 +112,10 @@ public class CertificateExtensions implements CertAttrSet<Extension> {
}
} catch (InvocationTargetException invk) {
Throwable e = invk.getCause();
if (ext.isCritical() == false) {
if (!ext.isCritical()) {
// ignore errors parsing non-critical extensions
if (unparseableExtensions == null) {
unparseableExtensions = new TreeMap<String,Extension>();
unparseableExtensions = new TreeMap<>();
}
unparseableExtensions.put(ext.getExtensionId().toString(),
new UnparseableExtension(ext, e));
@ -236,7 +236,7 @@ public class CertificateExtensions implements CertAttrSet<Extension> {
map.remove(name);
}
public String getNameByOid(ObjectIdentifier oid) throws IOException {
public String getNameByOid(ObjectIdentifier oid) {
for (String name: map.keySet()) {
if (map.get(name).getExtensionId().equals(oid)) {
return name;
@ -262,11 +262,8 @@ public class CertificateExtensions implements CertAttrSet<Extension> {
}
public Map<String,Extension> getUnparseableExtensions() {
if (unparseableExtensions == null) {
return Collections.emptyMap();
} else {
return unparseableExtensions;
}
return (unparseableExtensions == null) ?
Collections.emptyMap() : unparseableExtensions;
}
/**

4
src/java.base/share/classes/sun/security/x509/CertificatePoliciesExtension.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2000, 2018, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2000, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -145,7 +145,7 @@ implements CertAttrSet<String> {
throw new IOException("Invalid encoding for " +
"CertificatePoliciesExtension.");
}
certPolicies = new ArrayList<PolicyInformation>();
certPolicies = new ArrayList<>();
while (val.data.available() != 0) {
DerValue seq = val.data.getDerValue();
PolicyInformation policy = new PolicyInformation(seq);

11
src/java.base/share/classes/sun/security/x509/CertificatePolicyId.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1997, 2015, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1997, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -36,7 +36,7 @@ import sun.security.util.*;
* @author Hemma Prafullchandra
*/
public class CertificatePolicyId {
private ObjectIdentifier id;
private final ObjectIdentifier id;
/**
* Create a CertificatePolicyId with the ObjectIdentifier.
@ -67,11 +67,10 @@ public class CertificatePolicyId {
* Returns a printable representation of the CertificatePolicyId.
*/
public String toString() {
String s = "CertificatePolicyId: ["
+ id.toString()
+ "]\n";
return (s);
return ("CertificatePolicyId: ["
+ id.toString()
+ "]\n");
}
/**

13
src/java.base/share/classes/sun/security/x509/CertificatePolicyMap.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1997, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1997, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -36,8 +36,8 @@ import sun.security.util.*;
* @author Hemma Prafullchandra
*/
public class CertificatePolicyMap {
private CertificatePolicyId issuerDomain;
private CertificatePolicyId subjectDomain;
private final CertificatePolicyId issuerDomain;
private final CertificatePolicyId subjectDomain;
/**
* Create a CertificatePolicyMap with the passed CertificatePolicyId's.
@ -82,12 +82,11 @@ public class CertificatePolicyMap {
* Returns a printable representation of the CertificatePolicyId.
*/
public String toString() {
String s = "CertificatePolicyMap: [\n"
return ("CertificatePolicyMap: [\n"
+ "IssuerDomain:" + issuerDomain.toString()
+ "SubjectDomain:" + subjectDomain.toString()
+ "]\n";
return (s);
+ "]\n");
}
/**

9
src/java.base/share/classes/sun/security/x509/CertificatePolicySet.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1997, 2008, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1997, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -71,11 +71,10 @@ public class CertificatePolicySet {
* Return printable form of the object.
*/
public String toString() {
String s = "CertificatePolicySet:[\n"
+ ids.toString()
+ "]\n";
return (s);
return ("CertificatePolicySet:[\n"
+ ids.toString()
+ "]\n");
}
/**

8
src/java.base/share/classes/sun/security/x509/DNSName.java
View file

@ -50,7 +50,7 @@ import sun.security.util.*;
* @author Hemma Prafullchandra
*/
public class DNSName implements GeneralNameInterface {
private String name;
private final String name;
private static final String alphaDigits =
"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
@ -173,11 +173,9 @@ public class DNSName implements GeneralNameInterface {
if (this == obj)
return true;
if (!(obj instanceof DNSName))
if (!(obj instanceof DNSName other))
return false;
DNSName other = (DNSName)obj;
// RFC5280 mandates that these names are
// not case-sensitive
return name.equalsIgnoreCase(other.name);
@ -210,7 +208,7 @@ public class DNSName implements GeneralNameInterface {
* <p>
* RFC 5280: DNSName restrictions are expressed as foo.bar.com.
* Any DNSName that
* can be constructed by simply adding to the left hand side of the name
* can be constructed by simply adding to the left-hand side of the name
* satisfies the name constraint. For example, www.foo.bar.com would
* satisfy the constraint but foo1.bar.com would not.
* <p>

8
src/java.base/share/classes/sun/security/x509/DistributionPoint.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2002, 2011, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2002, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -328,16 +328,14 @@ public class DistributionPoint {
if (this == obj) {
return true;
}
if (obj instanceof DistributionPoint == false) {
if (!(obj instanceof DistributionPoint other)) {
return false;
}
DistributionPoint other = (DistributionPoint)obj;
boolean equal = Objects.equals(this.fullName, other.fullName)
return Objects.equals(this.fullName, other.fullName)
&& Objects.equals(this.relativeName, other.relativeName)
&& Objects.equals(this.crlIssuer, other.crlIssuer)
&& Arrays.equals(this.reasonFlags, other.reasonFlags);
return equal;
}
public int hashCode() {

8
src/java.base/share/classes/sun/security/x509/DistributionPointName.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2005, 2011, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2005, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -26,9 +26,8 @@
package sun.security.x509;
import java.io.IOException;
import java.util.*;
import java.util.Objects;
import sun.security.util.BitArray;
import sun.security.util.DerOutputStream;
import sun.security.util.DerValue;
@ -196,10 +195,9 @@ public class DistributionPointName {
if (this == obj) {
return true;
}
if (obj instanceof DistributionPointName == false) {
if (!(obj instanceof DistributionPointName other)) {
return false;
}
DistributionPointName other = (DistributionPointName)obj;
return Objects.equals(this.fullName, other.fullName) &&
Objects.equals(this.relativeName, other.relativeName);

9
src/java.base/share/classes/sun/security/x509/EDIPartyName.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1997, 2004, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1997, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -181,13 +181,10 @@ public class EDIPartyName implements GeneralNameInterface {
}
String otherParty = ((EDIPartyName)other).party;
if (this.party == null) {
if (otherParty != null)
return false;
return otherParty == null;
} else {
if (!(this.party.equals(otherParty)))
return false;
return this.party.equals(otherParty);
}
return true;
}
/**

13
src/java.base/share/classes/sun/security/x509/ExtendedKeyUsageExtension.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2000, 2020, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2000, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -29,12 +29,13 @@ import java.io.IOException;
import java.io.OutputStream;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Vector;
import sun.security.util.*;
import sun.security.util.DerOutputStream;
import sun.security.util.DerValue;
import sun.security.util.KnownOIDs;
import sun.security.util.ObjectIdentifier;
/**
* This class defines the Extended Key Usage Extension, which
@ -158,7 +159,7 @@ implements CertAttrSet<String> {
throw new IOException("Invalid encoding for " +
"ExtendedKeyUsageExtension.");
}
keyUsages = new Vector<ObjectIdentifier>();
keyUsages = new Vector<>();
while (val.data.available() != 0) {
DerValue seq = val.data.getDerValue();
ObjectIdentifier usage = seq.getOID();
@ -273,7 +274,7 @@ implements CertAttrSet<String> {
}
public List<String> getExtendedKeyUsage() {
List<String> al = new ArrayList<String>(keyUsages.size());
List<String> al = new ArrayList<>(keyUsages.size());
for (ObjectIdentifier oid : keyUsages) {
al.add(oid.toString());
}

18
src/java.base/share/classes/sun/security/x509/Extension.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1997, 2015, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1997, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -35,7 +35,7 @@ import sun.security.util.*;
*
* <p>Extensions are additional attributes which can be inserted in a X509
* v3 certificate. For example a "Driving License Certificate" could have
* the driving license number as a extension.
* the driving license number as an extension.
*
* <p>Extensions are represented as a sequence of the extension identifier
* (Object Identifier), a boolean flag stating whether the extension is to
@ -65,7 +65,7 @@ public class Extension implements java.security.cert.Extension {
protected byte[] extensionValue = null;
/**
* Default constructor. Used only by sub-classes.
* Default constructor. Used only by subclasses.
*/
public Extension() { }
@ -86,11 +86,10 @@ public class Extension implements java.security.cert.Extension {
// Extension value (DER encoded)
val = in.getDerValue();
extensionValue = val.getOctetString();
} else {
critical = false;
extensionValue = val.getOctetString();
}
extensionValue = val.getOctetString();
}
/**
@ -151,7 +150,7 @@ public class Extension implements java.security.cert.Extension {
dos1.putOID(extensionId);
if (critical) {
dos1.putBoolean(critical);
dos1.putBoolean(true);
}
dos1.putOctetString(extensionValue);
@ -176,7 +175,7 @@ public class Extension implements java.security.cert.Extension {
dos.putOID(extensionId);
if (critical)
dos.putBoolean(critical);
dos.putBoolean(true);
dos.putOctetString(extensionValue);
out.write(DerValue.tag_Sequence, dos);
@ -201,7 +200,7 @@ public class Extension implements java.security.cert.Extension {
}
/**
* Returns the extension value as an byte array for further processing.
* Returns the extension value as a byte array for further processing.
* Note, this is the raw DER value of the extension, not the DER
* encoded octet string which is in the certificate.
* This method does not return a clone; it is the responsibility of the
@ -259,9 +258,8 @@ public class Extension implements java.security.cert.Extension {
public boolean equals(Object other) {
if (this == other)
return true;
if (!(other instanceof Extension))
if (!(other instanceof Extension otherExt))
return false;
Extension otherExt = (Extension) other;
if (critical != otherExt.critical)
return false;
if (!extensionId.equals(otherExt.extensionId))

8
src/java.base/share/classes/sun/security/x509/FreshestCRLExtension.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2005, 2020, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2005, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -27,12 +27,8 @@ package sun.security.x509;
import java.io.IOException;
import java.io.OutputStream;
import java.math.BigInteger;
import java.util.Enumeration;
import java.util.List;
import sun.security.util.*;
/**
* Represents the Freshest CRL Extension.
*
@ -63,7 +59,7 @@ public class FreshestCRLExtension extends CRLDistributionPointsExtension {
public static final String NAME = "FreshestCRL";
/**
* Creates a freshest CRL extension.
* Creates a fresh CRL extension.
* The criticality is set to false.
*
* @param distributionPoints the list of delta CRL distribution points.

4
src/java.base/share/classes/sun/security/x509/GeneralName.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1997, 2015, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1997, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -52,7 +52,7 @@ import sun.security.util.*;
public class GeneralName {
// Private data members
private GeneralNameInterface name = null;
private final GeneralNameInterface name;
/**
* Default constructor for the class.

30
src/java.base/share/classes/sun/security/x509/GeneralNameInterface.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1997, 2000, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1997, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -40,24 +40,24 @@ public interface GeneralNameInterface {
/**
* The list of names supported.
*/
public static final int NAME_ANY = 0;
public static final int NAME_RFC822 = 1;
public static final int NAME_DNS = 2;
public static final int NAME_X400 = 3;
public static final int NAME_DIRECTORY = 4;
public static final int NAME_EDI = 5;
public static final int NAME_URI = 6;
public static final int NAME_IP = 7;
public static final int NAME_OID = 8;
int NAME_ANY = 0;
int NAME_RFC822 = 1;
int NAME_DNS = 2;
int NAME_X400 = 3;
int NAME_DIRECTORY = 4;
int NAME_EDI = 5;
int NAME_URI = 6;
int NAME_IP = 7;
int NAME_OID = 8;
/**
* The list of constraint results.
*/
public static final int NAME_DIFF_TYPE = -1; /* input name is different type from name (i.e. does not constrain) */
public static final int NAME_MATCH = 0; /* input name matches name */
public static final int NAME_NARROWS = 1; /* input name narrows name */
public static final int NAME_WIDENS = 2; /* input name widens name */
public static final int NAME_SAME_TYPE = 3; /* input name does not match, narrow, or widen, but is same type */
int NAME_DIFF_TYPE = -1; /* input name is different type from name (i.e. does not constrain) */
int NAME_MATCH = 0; /* input name matches name */
int NAME_NARROWS = 1; /* input name narrows name */
int NAME_WIDENS = 2; /* input name widens name */
int NAME_SAME_TYPE = 3; /* input name does not match, narrow, or widen, but is same type */
/**
* Return the type of the general name, as

7
src/java.base/share/classes/sun/security/x509/GeneralNames.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1997, 2003, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1997, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -74,7 +74,7 @@ public class GeneralNames {
* The default constructor for this class.
*/
public GeneralNames() {
names = new ArrayList<GeneralName>();
names = new ArrayList<>();
}
public GeneralNames add(GeneralName name) {
@ -132,10 +132,9 @@ public class GeneralNames {
if (this == obj) {
return true;
}
if (obj instanceof GeneralNames == false) {
if (!(obj instanceof GeneralNames other)) {
return false;
}
GeneralNames other = (GeneralNames)obj;
return this.names.equals(other.names);
}

11
src/java.base/share/classes/sun/security/x509/GeneralSubtree.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1997, 2004, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1997, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -47,7 +47,7 @@ public class GeneralSubtree {
private static final byte TAG_MAX = 1;
private static final int MIN_DEFAULT = 0;
private GeneralName name;
private final GeneralName name;
private int minimum = MIN_DEFAULT;
private int maximum = -1;
@ -152,9 +152,8 @@ public class GeneralSubtree {
* @return true if match
*/
public boolean equals(Object other) {
if (!(other instanceof GeneralSubtree))
if (!(other instanceof GeneralSubtree otherGS))
return false;
GeneralSubtree otherGS = (GeneralSubtree)other;
if (this.name == null) {
if (otherGS.name != null) {
return false;
@ -165,9 +164,7 @@ public class GeneralSubtree {
}
if (this.minimum != otherGS.minimum)
return false;
if (this.maximum != otherGS.maximum)
return false;
return true;
return this.maximum == otherGS.maximum;
}
/**

10
src/java.base/share/classes/sun/security/x509/GeneralSubtrees.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1997, 2021, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1997, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -152,10 +152,9 @@ public class GeneralSubtrees implements Cloneable {
if (this == obj) {
return true;
}
if (obj instanceof GeneralSubtrees == false) {
if (!(obj instanceof GeneralSubtrees other)) {
return false;
}
GeneralSubtrees other = (GeneralSubtrees)obj;
return this.trees.equals(other.trees);
}
@ -175,8 +174,7 @@ public class GeneralSubtrees implements Cloneable {
private static GeneralNameInterface getGeneralNameInterface(GeneralSubtree gs) {
GeneralName gn = gs.getName();
GeneralNameInterface gni = gn.getName();
return gni;
return gn.getName();
}
/**
@ -408,7 +406,7 @@ public class GeneralSubtrees implements Cloneable {
}
}
}
if (intersection == false) {
if (!intersection) {
if (newExcluded == null) {
newExcluded = new GeneralSubtrees();
}

15
src/java.base/share/classes/sun/security/x509/IPAddressName.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1997, 2018, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1997, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -69,7 +69,7 @@ import sun.security.util.DerValue;
*/
public class IPAddressName implements GeneralNameInterface {
private byte[] address;
private boolean isIPv4;
private final boolean isIPv4;
private String name;
/**
@ -211,8 +211,7 @@ public class IPAddressName implements GeneralNameInterface {
byte[] maskArray = bitArray.toByteArray();
// copy mask bytes into mask portion of address
for (int i = 0; i < MASKSIZE; i++)
address[MASKSIZE+i] = maskArray[i];
System.arraycopy(maskArray, 0, address, MASKSIZE, MASKSIZE);
}
}
@ -278,8 +277,7 @@ public class IPAddressName implements GeneralNameInterface {
// copy subdomain into new array and convert to BitArray
byte[] maskBytes = new byte[16];
for (int i=16; i < 32; i++)
maskBytes[i-16] = address[i];
System.arraycopy(address, 16, maskBytes, 0, 16);
BitArray ba = new BitArray(16*8, maskBytes);
// Find first zero bit
int i=0;
@ -316,10 +314,9 @@ public class IPAddressName implements GeneralNameInterface {
if (this == obj)
return true;
if (!(obj instanceof IPAddressName))
if (!(obj instanceof IPAddressName otherName))
return false;
IPAddressName otherName = (IPAddressName)obj;
byte[] other = otherName.address;
if (other.length != address.length)
@ -399,7 +396,7 @@ public class IPAddressName implements GeneralNameInterface {
constraintType = NAME_DIFF_TYPE;
else if (inputName.getType() != NAME_IP)
constraintType = NAME_DIFF_TYPE;
else if (((IPAddressName)inputName).equals(this))
else if (inputName.equals(this))
constraintType = NAME_MATCH;
else {
IPAddressName otherName = (IPAddressName)inputName;

7
src/java.base/share/classes/sun/security/x509/InhibitAnyPolicyExtension.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2000, 2020, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2000, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -126,7 +126,7 @@ implements CertAttrSet<String> {
if (!critical.booleanValue())
throw new IOException("Criticality cannot be false for " +
"InhibitAnyPolicy");
this.critical = critical.booleanValue();
this.critical = true;
this.extensionValue = (byte[]) value;
DerValue val = new DerValue(this.extensionValue);
@ -151,8 +151,7 @@ implements CertAttrSet<String> {
* Return user readable form of extension.
*/
public String toString() {
String s = super.toString() + "InhibitAnyPolicy: " + skipCerts + "\n";
return s;
return super.toString() + "InhibitAnyPolicy: " + skipCerts + "\n";
}
/**

4
src/java.base/share/classes/sun/security/x509/IssuerAlternativeNameExtension.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1997, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -62,7 +62,7 @@ extends Extension implements CertAttrSet<String> {
public static final String ISSUER_NAME = "issuer_name";
// private data members
GeneralNames names = null;
GeneralNames names;
// Encode this extension
private void encodeThis() throws IOException {

2
src/java.base/share/classes/sun/security/x509/IssuingDistributionPointExtension.java
View file

@ -187,7 +187,7 @@ public class IssuingDistributionPointExtension extends Extension
}
DerInputStream in = val.data;
while (in != null && in.available() != 0) {
while (in.available() != 0) {
DerValue opt = in.getDerValue();
if (opt.isContextSpecific(TAG_DISTRIBUTION_POINT) &&

6
src/java.base/share/classes/sun/security/x509/KeyIdentifier.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1997, 2018, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1997, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -40,7 +40,7 @@ import sun.security.util.*;
* @author Hemma Prafullchandra
*/
public class KeyIdentifier {
private byte[] octetString;
private final byte[] octetString;
/**
* Create a KeyIdentifier with the passed bit settings.
@ -90,7 +90,7 @@ public class KeyIdentifier {
AlgorithmId algid = AlgorithmId.parse(algAndKey.data.getDerValue());
byte[] key = algAndKey.data.getUnalignedBitString().toByteArray();
MessageDigest md = null;
MessageDigest md;
try {
md = MessageDigest.getInstance("SHA1");
} catch (NoSuchAlgorithmException e3) {

12
src/java.base/share/classes/sun/security/x509/NameConstraintsExtension.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1997, 2018, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1997, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -87,7 +87,7 @@ implements CertAttrSet<String>, Cloneable {
private boolean minMaxValid = false;
// Recalculate hasMin and hasMax flags.
private void calcMinMax() throws IOException {
private void calcMinMax() {
hasMin = false;
hasMax = false;
if (excluded != null) {
@ -442,8 +442,8 @@ implements CertAttrSet<String>, Cloneable {
X500Name subject = X500Name.asX500Name(subjectPrincipal);
// Check subject as an X500Name
if (subject.isEmpty() == false) {
if (verify(subject) == false) {
if (!subject.isEmpty()) {
if (!verify(subject)) {
return false;
}
}
@ -609,9 +609,7 @@ implements CertAttrSet<String>, Cloneable {
return true; // name is definitely OK, so break out of loop
}
}
if (sameType) {
return false;
}
return !sameType;
}
return true;
}

15
src/java.base/share/classes/sun/security/x509/NetscapeCertTypeExtension.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1998, 2020, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1998, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -40,7 +40,7 @@ import sun.security.util.*;
* <p>This extension, if present, defines both the purpose
* (e.g., encipherment, signature, certificate signing) and the application
* (e.g., SSL, S/Mime or Object Signing of the key contained in the
* certificate. This extension has been superseded by IETF PKIX extensions
* certificate). This extension has been superseded by IETF PKIX extensions
* but is provided here for compatibility reasons.
*
* @author Hemma Prafullchandra
@ -87,7 +87,7 @@ implements CertAttrSet<String> {
}
}
private static MapEntry[] mMapData = {
private static final MapEntry[] mMapData = {
new MapEntry(SSL_CLIENT, 0),
new MapEntry(SSL_SERVER, 1),
new MapEntry(S_MIME, 2),
@ -98,7 +98,7 @@ implements CertAttrSet<String> {
new MapEntry(OBJECT_SIGNING_CA, 7),
};
private static final Vector<String> mAttributeNames = new Vector<String>();
private static final Vector<String> mAttributeNames = new Vector<>();
static {
for (MapEntry entry : mMapData) {
mAttributeNames.add(entry.mName);
@ -299,21 +299,20 @@ implements CertAttrSet<String> {
*/
public boolean[] getKeyUsageMappedBits() {
KeyUsageExtension keyUsage = new KeyUsageExtension();
Boolean val = Boolean.TRUE;
try {
if (isSet(getPosition(SSL_CLIENT)) ||
isSet(getPosition(S_MIME)) ||
isSet(getPosition(OBJECT_SIGNING)))
keyUsage.set(KeyUsageExtension.DIGITAL_SIGNATURE, val);
keyUsage.set(KeyUsageExtension.DIGITAL_SIGNATURE, true);
if (isSet(getPosition(SSL_SERVER)))
keyUsage.set(KeyUsageExtension.KEY_ENCIPHERMENT, val);
keyUsage.set(KeyUsageExtension.KEY_ENCIPHERMENT, true);
if (isSet(getPosition(SSL_CA)) ||
isSet(getPosition(S_MIME_CA)) ||
isSet(getPosition(OBJECT_SIGNING_CA)))
keyUsage.set(KeyUsageExtension.KEY_CERTSIGN, val);
keyUsage.set(KeyUsageExtension.KEY_CERTSIGN, true);
} catch (IOException e) { }
return keyUsage.getBits();
}

5
src/java.base/share/classes/sun/security/x509/OCSPNoCheckExtension.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2009, 2018, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2009, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -26,11 +26,8 @@
package sun.security.x509;
import java.io.IOException;
import java.io.OutputStream;
import java.util.Enumeration;
import sun.security.util.*;
/**
* Represent the OCSP NoCheck Extension from RFC2560.
* <p>

20
src/java.base/share/classes/sun/security/x509/OIDMap.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1997, 2020, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1997, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -33,7 +33,7 @@ import java.security.cert.CertificateException;
import sun.security.util.*;
/**
* This class defines the mapping from OID {@literal &} name to classes and vice
* This class defines the mapping from OID {@literal &} name to class and vice
* versa. Used by CertificateExtensions {@literal &} PKCS10 to get the java
* classes associated with a particular OID/name.
*
@ -109,8 +109,8 @@ public class OIDMap {
private static final Map<String,OIDInfo> nameMap;
static {
oidMap = new HashMap<ObjectIdentifier,OIDInfo>();
nameMap = new HashMap<String,OIDInfo>();
oidMap = new HashMap<>();
nameMap = new HashMap<>();
addInternal(SUB_KEY_IDENTIFIER, PKIXExtensions.SubjectKey_Id,
"sun.security.x509.SubjectKeyIdentifierExtension");
addInternal(KEY_USAGE, PKIXExtensions.KeyUsage_Id,
@ -243,10 +243,10 @@ public class OIDMap {
}
/**
* Return user friendly name associated with the OID.
* Return user-friendly name associated with the OID.
*
* @param oid the name of the object identifier to be returned.
* @return the user friendly name or null if no name
* @return the user-friendly name or null if no name
* is registered for this oid.
*/
public static String getName(ObjectIdentifier oid) {
@ -257,7 +257,7 @@ public class OIDMap {
/**
* Return Object identifier for user friendly name.
*
* @param name the user friendly name.
* @param name the user-friendly name.
* @return the Object Identifier or null if no oid
* is registered for this name.
*/
@ -267,9 +267,9 @@ public class OIDMap {
}
/**
* Return the java class object associated with the user friendly name.
* Return the java class object associated with the user-friendly name.
*
* @param name the user friendly name.
* @param name the user-friendly name.
* @exception CertificateException if class cannot be instantiated.
*/
public static Class<?> getClass(String name) throws CertificateException {
@ -281,7 +281,7 @@ public class OIDMap {
* Return the java class object associated with the object identifier.
*
* @param oid the name of the object identifier to be returned.
* @exception CertificateException if class cannot be instatiated.
* @exception CertificateException if class cannot be instantiated.
*/
public static Class<?> getClass(ObjectIdentifier oid)
throws CertificateException {

10
src/java.base/share/classes/sun/security/x509/OIDName.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1997, 2020, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1997, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -40,7 +40,7 @@ import sun.security.util.*;
* @see GeneralNameInterface
*/
public class OIDName implements GeneralNameInterface {
private ObjectIdentifier oid;
private final ObjectIdentifier oid;
/**
* Create the OIDName object from the passed encoded Der value.
@ -115,11 +115,9 @@ public class OIDName implements GeneralNameInterface {
if (this == obj)
return true;
if (!(obj instanceof OIDName))
if (!(obj instanceof OIDName other))
return false;
OIDName other = (OIDName)obj;
return oid.equals(other.oid);
}
@ -153,7 +151,7 @@ public class OIDName implements GeneralNameInterface {
constraintType = NAME_DIFF_TYPE;
else if (inputName.getType() != NAME_OID)
constraintType = NAME_DIFF_TYPE;
else if (this.equals((OIDName)inputName))
else if (this.equals(inputName))
constraintType = NAME_MATCH;
else
//widens and narrows not defined in RFC 5280 for OIDName (aka registeredID)

9
src/java.base/share/classes/sun/security/x509/OtherName.java
View file

@ -58,7 +58,7 @@ public class OtherName implements GeneralNameInterface {
private int myhash = -1;
/**
* Create the OtherName object from a passed ObjectIdentfier and
* Create the OtherName object from a passed ObjectIdentifier and
* byte array name value
*
* @param oid ObjectIdentifier of this OtherName object
@ -128,7 +128,6 @@ public class OtherName implements GeneralNameInterface {
if (extClass == null) { // Unsupported OtherName
return null;
}
Class<?>[] params = { Object.class };
Constructor<?> cons;
try {
cons = extClass.getConstructor(Object.class);
@ -158,7 +157,6 @@ public class OtherName implements GeneralNameInterface {
if (gni != null) {
// This OtherName has a supported class
gni.encode(out);
return;
} else {
// This OtherName has no supporting class
DerOutputStream tmp = new DerOutputStream();
@ -177,14 +175,13 @@ public class OtherName implements GeneralNameInterface {
if (this == other) {
return true;
}
if (!(other instanceof OtherName)) {
if (!(other instanceof OtherName otherOther)) {
return false;
}
OtherName otherOther = (OtherName)other;
if (!(otherOther.oid.equals(oid))) {
return false;
}
GeneralNameInterface otherGNI = null;
GeneralNameInterface otherGNI;
try {
otherGNI = getGNI(otherOther.oid, otherOther.nameValue);
} catch (IOException ioe) {

6
src/java.base/share/classes/sun/security/x509/PKIXExtensions.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1997, 2020, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1997, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -31,9 +31,9 @@ import sun.security.util.*;
/**
* Lists all the object identifiers of the X509 extensions of the PKIX profile.
*
* <p>Extensions are addiitonal attributes which can be inserted in a X509
* <p>Extensions are additional attributes which can be inserted in a X509
* v3 certificate. For example a "Driving License Certificate" could have
* the driving license number as a extension.
* the driving license number as an extension.
*
* <p>Extensions are represented as a sequence of the extension identifier
* (Object Identifier), a boolean flag stating whether the extension is to

9
src/java.base/share/classes/sun/security/x509/PolicyInformation.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2000, 2021, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2000, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -87,7 +87,7 @@ public class PolicyInformation {
throw new NullPointerException("policyQualifiers is null");
}
this.policyQualifiers =
new LinkedHashSet<PolicyQualifierInfo>(policyQualifiers);
new LinkedHashSet<>(policyQualifiers);
this.policyIdentifier = policyIdentifier;
}
@ -104,7 +104,7 @@ public class PolicyInformation {
}
policyIdentifier = new CertificatePolicyId(val.data.getDerValue());
if (val.data.available() != 0) {
policyQualifiers = new LinkedHashSet<PolicyQualifierInfo>();
policyQualifiers = new LinkedHashSet<>();
DerValue opt = val.data.getDerValue();
if (opt.tag != DerValue.tag_Sequence)
throw new IOException("Invalid encoding of PolicyInformation");
@ -125,9 +125,8 @@ public class PolicyInformation {
* @return true iff the PolicyInformation objects match
*/
public boolean equals(Object other) {
if (!(other instanceof PolicyInformation))
if (!(other instanceof PolicyInformation piOther))
return false;
PolicyInformation piOther = (PolicyInformation)other;
if (!policyIdentifier.equals(piOther.getPolicyIdentifier()))
return false;

15
src/java.base/share/classes/sun/security/x509/PolicyMappingsExtension.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1997, 2015, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1997, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -36,9 +36,9 @@ import sun.security.util.*;
*
* This extension, if present, identifies the certificate policies considered
* identical between the issuing and the subject CA.
* <p>Extensions are addiitonal attributes which can be inserted in a X509
* <p>Extensions are additional attributes which can be inserted in a X509
* v3 certificate. For example a "Driving License Certificate" could have
* the driving license number as a extension.
* the driving license number as an extension.
*
* <p>Extensions are represented as a sequence of the extension identifier
* (Object Identifier), a boolean flag stating whether the extension is to
@ -102,7 +102,7 @@ implements CertAttrSet<String> {
public PolicyMappingsExtension() {
extensionId = PKIXExtensions.PolicyMappings_Id;
critical = true;
maps = Collections.<CertificatePolicyMap>emptyList();
maps = Collections.emptyList();
}
/**
@ -124,7 +124,7 @@ implements CertAttrSet<String> {
throw new IOException("Invalid encoding for " +
"PolicyMappingsExtension.");
}
maps = new ArrayList<CertificatePolicyMap>();
maps = new ArrayList<>();
while (val.data.available() != 0) {
DerValue seq = val.data.getDerValue();
CertificatePolicyMap map = new CertificatePolicyMap(seq);
@ -137,10 +137,9 @@ implements CertAttrSet<String> {
*/
public String toString() {
if (maps == null) return "";
String s = super.toString() + "PolicyMappings [\n"
+ maps.toString() + "]\n";
return (s);
return (super.toString() + "PolicyMappings [\n"
+ maps.toString() + "]\n");
}
/**

31
src/java.base/share/classes/sun/security/x509/RDN.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2002, 2015, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2002, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -85,7 +85,7 @@ public class RDN {
* @throws IOException on parsing error
*/
public RDN(String name) throws IOException {
this(name, Collections.<String, String>emptyMap());
this(name, Collections.emptyMap());
}
/**
@ -147,7 +147,7 @@ public class RDN {
AVA ava = new AVA(new StringReader(avaString), keywordMap);
avaVec.add(ava);
assertion = avaVec.toArray(new AVA[avaVec.size()]);
assertion = avaVec.toArray(new AVA[0]);
}
/*
@ -162,7 +162,7 @@ public class RDN {
* @throws IOException on parsing error
*/
RDN(String name, String format) throws IOException {
this(name, format, Collections.<String, String>emptyMap());
this(name, format, Collections.emptyMap());
}
/*
@ -179,10 +179,10 @@ public class RDN {
*/
RDN(String name, String format, Map<String, String> keywordMap)
throws IOException {
if (format.equalsIgnoreCase("RFC2253") == false) {
if (!format.equalsIgnoreCase("RFC2253")) {
throw new IOException("Unsupported format " + format);
}
int searchOffset = 0;
int searchOffset;
int avaOffset = 0;
List<AVA> avaVec = new ArrayList<>(3);
int nextPlus = name.indexOf('+');
@ -223,7 +223,7 @@ public class RDN {
AVA ava = new AVA(new StringReader(avaString), AVA.RFC2253, keywordMap);
avaVec.add(ava);
assertion = avaVec.toArray(new AVA[avaVec.size()]);
assertion = avaVec.toArray(new AVA[0]);
}
/*
@ -293,10 +293,9 @@ public class RDN {
if (this == obj) {
return true;
}
if (obj instanceof RDN == false) {
if (!(obj instanceof RDN other)) {
return false;
}
RDN other = (RDN)obj;
if (this.assertion.length != other.assertion.length) {
return false;
}
@ -341,7 +340,7 @@ public class RDN {
}
/*
* Returns a printable form of this RDN, using RFC 1779 style catenation
* Returns a printable form of this RDN, using RFC 1779 style concatenation
* of attribute/value assertions, and emitting attribute type keywords
* from RFCs 1779, 2253, and 5280.
*/
@ -362,7 +361,7 @@ public class RDN {
* RFC 1779. Only RFC 1779 attribute type keywords are emitted.
*/
public String toRFC1779String() {
return toRFC1779String(Collections.<String, String>emptyMap());
return toRFC1779String(Collections.emptyMap());
}
/*
@ -388,7 +387,7 @@ public class RDN {
*/
public String toRFC2253String() {
return toRFC2253StringInternal
(false, Collections.<String, String>emptyMap());
(false, Collections.emptyMap());
}
/*
@ -407,14 +406,14 @@ public class RDN {
* documented in X500Principal.getName are performed.
*/
public String toRFC2253String(boolean canonical) {
if (canonical == false) {
if (!canonical) {
return toRFC2253StringInternal
(false, Collections.<String, String>emptyMap());
(false, Collections.emptyMap());
}
String c = canonicalString;
if (c == null) {
c = toRFC2253StringInternal
(true, Collections.<String, String>emptyMap());
(true, Collections.emptyMap());
canonicalString = c;
}
return c;
@ -427,7 +426,7 @@ public class RDN {
* to a string, the output consists of the string encodings of each
* AttributeTypeAndValue (according to 2.3), in any order.
*
* Where there is a multi-valued RDN, the outputs from adjoining
* Where there is a multivalued RDN, the outputs from adjoining
* AttributeTypeAndValues are separated by a plus ('+' ASCII 43)
* character.
*/

8
src/java.base/share/classes/sun/security/x509/RFC822Name.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1997, 2018, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1997, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -42,7 +42,7 @@ import sun.security.util.*;
*/
public class RFC822Name implements GeneralNameInterface
{
private String name;
private final String name;
/**
* Create the RFC822Name object from the passed encoded Der value.
@ -137,11 +137,9 @@ public class RFC822Name implements GeneralNameInterface
if (this == obj)
return true;
if (!(obj instanceof RFC822Name))
if (!(obj instanceof RFC822Name other))
return false;
RFC822Name other = (RFC822Name)obj;
// RFC 5280 mandates that these names are
// not case-sensitive
return name.equalsIgnoreCase(other.name);

9
src/java.base/share/classes/sun/security/x509/ReasonFlags.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1997, 2015, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1997, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -26,11 +26,12 @@
package sun.security.x509;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.util.Enumeration;
import sun.security.util.*;
import sun.security.util.BitArray;
import sun.security.util.DerInputStream;
import sun.security.util.DerOutputStream;
import sun.security.util.DerValue;
/**
* Represent the CRL Reason Flags.

4
src/java.base/share/classes/sun/security/x509/SubjectAlternativeNameExtension.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1997, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -67,7 +67,7 @@ implements CertAttrSet<String> {
public static final String SUBJECT_NAME = "subject_name";
// private data members
GeneralNames names = null;
GeneralNames names;
// Encode this extension
private void encodeThis() throws IOException {

6
src/java.base/share/classes/sun/security/x509/SubjectInfoAccessExtension.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2009, 2014, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2009, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -126,7 +126,7 @@ public class SubjectInfoAccessExtension extends Extension
throw new IOException("Invalid encoding for " +
"SubjectInfoAccessExtension.");
}
accessDescriptions = new ArrayList<AccessDescription>();
accessDescriptions = new ArrayList<>();
while (val.data.available() != 0) {
DerValue seq = val.data.getDerValue();
AccessDescription accessDescription = new AccessDescription(seq);
@ -202,7 +202,7 @@ public class SubjectInfoAccessExtension extends Extension
public void delete(String name) throws IOException {
if (name.equalsIgnoreCase(DESCRIPTIONS)) {
accessDescriptions =
Collections.<AccessDescription>emptyList();
Collections.emptyList();
} else {
throw new IOException("Attribute name [" + name +
"] not recognized by " +

8
src/java.base/share/classes/sun/security/x509/SubjectKeyIdentifierExtension.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1997, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -38,9 +38,9 @@ import sun.security.util.*;
* public key used in an application. This extension by default is marked
* non-critical.
*
* <p>Extensions are addiitonal attributes which can be inserted in a X509
* <p>Extensions are additional attributes which can be inserted in a X509
* v3 certificate. For example a "Driving License Certificate" could have
* the driving license number as a extension.
* the driving license number as an extension.
*
* <p>Extensions are represented as a sequence of the extension identifier
* (Object Identifier), a boolean flag stating whether the extension is to
@ -67,7 +67,7 @@ implements CertAttrSet<String> {
public static final String KEY_ID = "key_id";
// Private data member
private KeyIdentifier id = null;
private KeyIdentifier id;
// Encode this extension value
private void encodeThis() throws IOException {

21
src/java.base/share/classes/sun/security/x509/URIName.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1997, 2018, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1997, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -48,7 +48,7 @@ import sun.security.util.*;
* case-sensitive, but other components of the scheme-specific-part may
* be case-sensitive. When comparing URIs, conforming implementations
* MUST compare the scheme and host without regard to case, but assume
* the remainder of the scheme-specific-part is case sensitive.
* the remainder of the scheme-specific-part is case-sensitive.
* <p>
* [RFC1738] In general, URLs are written as follows:
* <pre>
@ -68,7 +68,7 @@ import sun.security.util.*;
* [RFC2732] specifies that an IPv6 address contained inside a URL
* must be enclosed in square brackets (to allow distinguishing the
* colons that separate IPv6 components from the colons that separate
* scheme-specific data.
* scheme-specific data).
*
* @author Amit Kapoor
* @author Hemma Prafullchandra
@ -81,8 +81,8 @@ import sun.security.util.*;
public class URIName implements GeneralNameInterface {
// private attributes
private URI uri;
private String host;
private final URI uri;
private final String host;
private DNSName hostDNS;
private IPAddressName hostIP;
@ -147,7 +147,7 @@ public class URIName implements GeneralNameInterface {
/**
* Create the URIName object with the specified name constraint. URI
* name constraints syntax is different than SubjectAltNames, etc. See
* name constraints syntax is different from SubjectAltNames, etc. See
* 4.2.1.10 of RFC 5280.
*
* @param value the URI name constraint
@ -220,12 +220,10 @@ public class URIName implements GeneralNameInterface {
return true;
}
if (!(obj instanceof URIName)) {
if (!(obj instanceof URIName other)) {
return false;
}
URIName other = (URIName) obj;
return uri.equals(other.getURI());
}
@ -335,14 +333,13 @@ public class URIName implements GeneralNameInterface {
Object otherHostObject = ((URIName)inputName).getHostObject();
if ((hostDNS == null) ||
!(otherHostObject instanceof DNSName)) {
!(otherHostObject instanceof DNSName otherDNS)) {
// If one (or both) is an IP address, only same type
constraintType = NAME_SAME_TYPE;
} else {
// Both host portions are DNSNames. Are they domains?
boolean thisDomain = (host.charAt(0) == '.');
boolean otherDomain = (otherHost.charAt(0) == '.');
DNSName otherDNS = (DNSName) otherHostObject;
// Run DNSName.constrains.
constraintType = hostDNS.constrains(otherDNS);
@ -381,7 +378,7 @@ public class URIName implements GeneralNameInterface {
* @throws UnsupportedOperationException if not supported for this name type
*/
public int subtreeDepth() throws UnsupportedOperationException {
DNSName dnsName = null;
DNSName dnsName;
try {
dnsName = new DNSName(host);
} catch (IOException ioe) {

13
src/java.base/share/classes/sun/security/x509/UniqueIdentity.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1997, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1997, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -25,10 +25,11 @@
package sun.security.x509;
import java.io.IOException;
import java.math.BigInteger;
import sun.security.util.HexDumpEncoder;
import sun.security.util.*;
import sun.security.util.BitArray;
import sun.security.util.DerInputStream;
import sun.security.util.DerOutputStream;
import sun.security.util.DerValue;
/**
* This class defines the UniqueIdentity class used by certificates.
@ -38,7 +39,7 @@ import sun.security.util.*;
*/
public class UniqueIdentity {
// Private data members
private BitArray id;
private final BitArray id;
/**
* The default constructor for this class.
@ -90,7 +91,7 @@ public class UniqueIdentity {
* Encode the UniqueIdentity in DER form to the stream.
*
* @param out the DerOutputStream to marshal the contents to.
* @param tag enocode it under the following tag.
* @param tag encode it under the following tag.
* @exception IOException on errors.
*/
public void encode(DerOutputStream out, byte tag) throws IOException {

8
src/java.base/share/classes/sun/security/x509/UnparseableExtension.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2021, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2021, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -34,8 +34,8 @@ import sun.security.util.HexDumpEncoder;
*/
class UnparseableExtension extends Extension {
private String name;
private String exceptionDescription;
private String exceptionMessage;
private final String exceptionDescription;
private final String exceptionMessage;
UnparseableExtension(Extension ext, Throwable why) {
super(ext);
@ -45,7 +45,7 @@ class UnparseableExtension extends Extension {
Class<?> extClass = OIDMap.getClass(ext.getExtensionId());
if (extClass != null) {
Field field = extClass.getDeclaredField("NAME");
name = (String)(field.get(null)) + " ";
name = field.get(null) + " ";
}
} catch (Exception e) {
// If we cannot find the name, just ignore it

4
src/java.base/share/classes/sun/security/x509/X400Address.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2000, 2018, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2000, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -335,7 +335,7 @@ import sun.security.util.DerOutputStream;
public class X400Address implements GeneralNameInterface {
// Private data members
byte[] nameValue = null;
byte[] nameValue;
/**
* Create the X400Address object from the specified byte array

75
src/java.base/share/classes/sun/security/x509/X500Name.java
View file

@ -148,7 +148,7 @@ public class X500Name implements GeneralNameInterface, Principal {
* @param dname the X.500 Distinguished Name
*/
public X500Name(String dname) throws IOException {
this(dname, Collections.<String, String>emptyMap());
this(dname, Collections.emptyMap());
}
/**
@ -181,7 +181,7 @@ public class X500Name implements GeneralNameInterface, Principal {
if (format.equalsIgnoreCase("RFC2253")) {
parseRFC2253DN(dname);
} else if (format.equalsIgnoreCase("DEFAULT")) {
parseDN(dname, Collections.<String, String>emptyMap());
parseDN(dname, Collections.emptyMap());
} else {
throw new IOException("Unsupported format " + format);
}
@ -198,7 +198,7 @@ public class X500Name implements GeneralNameInterface, Principal {
* @param commonName common name of a person, e.g. "Vivette Davis"
* @param organizationUnit small organization name, e.g. "Purchasing"
* @param organizationName large organization name, e.g. "Onizuka, Inc."
* @param country two letter country code, e.g. "CH"
* @param country two-letter country code, e.g. "CH"
*/
public X500Name(String commonName, String organizationUnit,
String organizationName, String country)
@ -235,7 +235,7 @@ public class X500Name implements GeneralNameInterface, Principal {
* @param organizationName large organization name, e.g. "Onizuka, Inc."
* @param localityName locality (city) name, e.g. "Palo Alto"
* @param stateName state name, e.g. "California"
* @param country two letter country code, e.g. "CH"
* @param country two-letter country code, e.g. "CH"
*/
public X500Name(String commonName, String organizationUnit,
String organizationName, String localityName,
@ -408,10 +408,9 @@ public class X500Name implements GeneralNameInterface, Principal {
if (this == obj) {
return true;
}
if (obj instanceof X500Name == false) {
if (!(obj instanceof X500Name other)) {
return false;
}
X500Name other = (X500Name)obj;
// if we already have the canonical forms, compare now
if ((this.canonicalDn != null) && (other.canonicalDn != null)) {
return this.canonicalDn.equals(other.canonicalDn);
@ -636,7 +635,7 @@ public class X500Name implements GeneralNameInterface, Principal {
* keywords defined in RFC 1779 are emitted.
*/
public String getRFC1779Name() {
return getRFC1779Name(Collections.<String, String>emptyMap());
return getRFC1779Name(Collections.emptyMap());
}
/**
@ -649,12 +648,10 @@ public class X500Name implements GeneralNameInterface, Principal {
throws IllegalArgumentException {
if (oidMap.isEmpty()) {
// return cached result
if (rfc1779Dn != null) {
return rfc1779Dn;
} else {
if (rfc1779Dn == null) {
rfc1779Dn = generateRFC1779DN(oidMap);
return rfc1779Dn;
}
return rfc1779Dn;
}
return generateRFC1779DN(oidMap);
}
@ -665,7 +662,7 @@ public class X500Name implements GeneralNameInterface, Principal {
* keywords defined in RFC 2253 are emitted.
*/
public String getRFC2253Name() {
return getRFC2253Name(Collections.<String, String>emptyMap());
return getRFC2253Name(Collections.emptyMap());
}
/**
@ -677,12 +674,10 @@ public class X500Name implements GeneralNameInterface, Principal {
public String getRFC2253Name(Map<String, String> oidMap) {
/* check for and return cached name */
if (oidMap.isEmpty()) {
if (rfc2253Dn != null) {
return rfc2253Dn;
} else {
if (rfc2253Dn == null) {
rfc2253Dn = generateRFC2253DN(oidMap);
return rfc2253Dn;
}
return rfc2253Dn;
}
return generateRFC2253DN(oidMap);
}
@ -789,7 +784,7 @@ public class X500Name implements GeneralNameInterface, Principal {
// more and order matters. We scan them in order, which
// conventionally is big-endian.
//
DerValue[] nameseq = null;
DerValue[] nameseq;
byte[] derBytes = in.toByteArray();
try {
@ -949,7 +944,7 @@ public class X500Name implements GeneralNameInterface, Principal {
* NOTE: It's only on output that little-endian ordering is used.
*/
Collections.reverse(dnVector);
names = dnVector.toArray(new RDN[dnVector.size()]);
names = dnVector.toArray(new RDN[0]);
}
private void parseRFC2253DN(String dnString) throws IOException {
@ -1000,7 +995,7 @@ public class X500Name implements GeneralNameInterface, Principal {
* NOTE: It's only on output that little-endian ordering is used.
*/
Collections.reverse(dnVector);
names = dnVector.toArray(new RDN[dnVector.size()]);
names = dnVector.toArray(new RDN[0]);
}
/*
@ -1023,7 +1018,7 @@ public class X500Name implements GeneralNameInterface, Principal {
private static boolean escaped
(int rdnEnd, int searchOffset, String dnString) {
if (rdnEnd == 1 && dnString.charAt(rdnEnd - 1) == '\\') {
if (rdnEnd == 1 && dnString.charAt(0) == '\\') {
// case 1:
// \,
@ -1054,7 +1049,7 @@ public class X500Name implements GeneralNameInterface, Principal {
}
// if count is odd, then rdnEnd is escaped
return (count % 2) != 0 ? true : false;
return (count % 2) != 0;
} else {
return false;
@ -1074,11 +1069,6 @@ public class X500Name implements GeneralNameInterface, Principal {
return;
}
if (names == null) {
dn = "";
return;
}
StringJoiner sj = new StringJoiner(", ");
for (int i = names.length - 1; i >= 0; i--) {
sj.add(names[i].toString());
@ -1100,10 +1090,6 @@ public class X500Name implements GeneralNameInterface, Principal {
return names[0].toRFC1779String(oidMap);
}
if (names == null) {
return "";
}
StringJoiner sj = new StringJoiner(", ");
for (int i = names.length - 1; i >= 0; i--) {
sj.add(names[i].toRFC1779String(oidMap));
@ -1299,7 +1285,7 @@ public class X500Name implements GeneralNameInterface, Principal {
if (thisLen == 0 || otherLen == 0) {
return null;
}
int minLen = (thisLen < otherLen) ? thisLen: otherLen;
int minLen = Math.min(thisLen, otherLen);
//Compare names from highest RDN down the naming tree
//Note that these are stored in RDN[0]...
@ -1316,11 +1302,9 @@ public class X500Name implements GeneralNameInterface, Principal {
//Copy matching RDNs into new RDN array
RDN[] ancestor = new RDN[i];
for (int j=0; j < i; j++) {
ancestor[j] = names[j];
}
System.arraycopy(names, 0, ancestor, 0, i);
X500Name commonAncestor = null;
X500Name commonAncestor;
try {
commonAncestor = new X500Name(ancestor);
} catch (IOException ioe) {
@ -1345,17 +1329,16 @@ public class X500Name implements GeneralNameInterface, Principal {
*/
static {
PrivilegedExceptionAction<Object[]> pa =
new PrivilegedExceptionAction<>() {
public Object[] run() throws Exception {
Class<X500Principal> pClass = X500Principal.class;
Class<?>[] args = new Class<?>[] { X500Name.class };
Constructor<X500Principal> cons = pClass.getDeclaredConstructor(args);
cons.setAccessible(true);
Field field = pClass.getDeclaredField("thisX500Name");
field.setAccessible(true);
return new Object[] {cons, field};
}
};
() -> {
Class<X500Principal> pClass = X500Principal.class;
Class<?>[] args = new Class<?>[] { X500Name.class };
Constructor<X500Principal> cons =
pClass.getDeclaredConstructor(args);
cons.setAccessible(true);
Field field = pClass.getDeclaredField("thisX500Name");
field.setAccessible(true);
return new Object[] {cons, field};
};
try {
@SuppressWarnings("removal")
Object[] result = AccessController.doPrivileged(pa);

7
src/java.base/share/classes/sun/security/x509/X509AttributeName.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1997, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1997, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -36,8 +36,8 @@ public class X509AttributeName {
private static final char SEPARATOR = '.';
// Private data members
private String prefix = null;
private String suffix = null;
private final String prefix;
private final String suffix;
/**
* Default constructor for the class. Name is of the form
@ -49,6 +49,7 @@ public class X509AttributeName {
int i = name.indexOf(SEPARATOR);
if (i < 0) {
prefix = name;
suffix = null;
} else {
prefix = name.substring(0, i);
suffix = name.substring(i + 1);

4
src/java.base/share/classes/sun/security/x509/X509CRLEntryImpl.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1997, 2020, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1997, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -408,7 +408,7 @@ public class X509CRLEntryImpl extends X509CRLEntry
if (extAlias == null) { // may be unknown
ObjectIdentifier findOID = ObjectIdentifier.of(oid);
Extension ex = null;
Extension ex;
ObjectIdentifier inCertOID;
for (Enumeration<Extension> e = extensions.getElements();
e.hasMoreElements();) {

38
src/java.base/share/classes/sun/security/x509/X509CRLImpl.java
View file

@ -95,8 +95,9 @@ public class X509CRLImpl extends X509CRL implements DerEncoder {
private X500Principal issuerPrincipal = null;
private Date thisUpdate = null;
private Date nextUpdate = null;
private Map<X509IssuerSerial,X509CRLEntry> revokedMap = new TreeMap<>();
private List<X509CRLEntry> revokedList = new LinkedList<>();
private final Map<X509IssuerSerial,X509CRLEntry> revokedMap =
new TreeMap<>();
private final List<X509CRLEntry> revokedList = new LinkedList<>();
private CRLExtensions extensions = null;
private static final boolean isExplicit = true;
@ -368,7 +369,7 @@ public class X509CRLImpl extends X509CRL implements DerEncoder {
if (signedCRL == null) {
throw new CRLException("Uninitialized CRL");
}
Signature sigVerf = null;
Signature sigVerf;
String sigName = sigAlgId.getName();
if (sigProvider.isEmpty()) {
sigVerf = Signature.getInstance(sigName);
@ -421,7 +422,7 @@ public class X509CRLImpl extends X509CRL implements DerEncoder {
if (signedCRL == null) {
throw new CRLException("Uninitialized CRL");
}
Signature sigVerf = null;
Signature sigVerf;
String sigName = sigAlgId.getName();
if (sigProvider == null) {
sigVerf = Signature.getInstance(sigName);
@ -612,10 +613,10 @@ public class X509CRLImpl extends X509CRL implements DerEncoder {
* false otherwise.
*/
public boolean isRevoked(Certificate cert) {
if (revokedMap.isEmpty() || (!(cert instanceof X509Certificate))) {
if (revokedMap.isEmpty() ||
(!(cert instanceof X509Certificate xcert))) {
return false;
}
X509Certificate xcert = (X509Certificate) cert;
X509IssuerSerial issuerSerial = new X509IssuerSerial(xcert);
return revokedMap.containsKey(issuerSerial);
}
@ -740,7 +741,7 @@ public class X509CRLImpl extends X509CRL implements DerEncoder {
if (revokedList.isEmpty()) {
return null;
} else {
return new TreeSet<X509CRLEntry>(revokedList);
return new TreeSet<>(revokedList);
}
}
@ -842,9 +843,8 @@ public class X509CRLImpl extends X509CRL implements DerEncoder {
public KeyIdentifier getAuthKeyId() throws IOException {
AuthorityKeyIdentifierExtension aki = getAuthKeyIdExtension();
if (aki != null) {
KeyIdentifier keyId = (KeyIdentifier)aki.get(
return (KeyIdentifier)aki.get(
AuthorityKeyIdentifierExtension.KEY_ID);
return keyId;
} else {
return null;
}
@ -882,8 +882,7 @@ public class X509CRLImpl extends X509CRL implements DerEncoder {
public BigInteger getCRLNumber() throws IOException {
CRLNumberExtension numExt = getCRLNumberExtension();
if (numExt != null) {
BigInteger num = numExt.get(CRLNumberExtension.NUMBER);
return num;
return numExt.get(CRLNumberExtension.NUMBER);
} else {
return null;
}
@ -911,8 +910,7 @@ public class X509CRLImpl extends X509CRL implements DerEncoder {
public BigInteger getBaseCRLNumber() throws IOException {
DeltaCRLIndicatorExtension dciExt = getDeltaCRLIndicatorExtension();
if (dciExt != null) {
BigInteger num = dciExt.get(DeltaCRLIndicatorExtension.NUMBER);
return num;
return dciExt.get(DeltaCRLIndicatorExtension.NUMBER);
} else {
return null;
}
@ -1016,7 +1014,7 @@ public class X509CRLImpl extends X509CRL implements DerEncoder {
if (extAlias == null) { // may be unknown
ObjectIdentifier findOID = ObjectIdentifier.of(oid);
Extension ex = null;
Extension ex;
ObjectIdentifier inCertOID;
for (Enumeration<Extension> e = extensions.getElements();
e.hasMoreElements();) {
@ -1060,7 +1058,7 @@ public class X509CRLImpl extends X509CRL implements DerEncoder {
* Parses an X.509 CRL, should be used only by constructors.
*/
private void parse(DerValue val) throws CRLException, IOException {
// check if can over write the certificate
// check if we can overwrite the certificate
if (readOnly)
throw new CRLException("cannot over-write existing CRL");
@ -1322,16 +1320,12 @@ public class X509CRLImpl extends X509CRL implements DerEncoder {
return true;
}
if (!(o instanceof X509IssuerSerial)) {
if (!(o instanceof X509IssuerSerial other)) {
return false;
}
X509IssuerSerial other = (X509IssuerSerial) o;
if (serial.equals(other.getSerial()) &&
issuer.equals(other.getIssuer())) {
return true;
}
return false;
return serial.equals(other.getSerial()) &&
issuer.equals(other.getIssuer());
}
/**

76
src/java.base/share/classes/sun/security/x509/X509CertImpl.java
View file

@ -130,7 +130,7 @@ public class X509CertImpl extends X509Certificate implements DerEncoder {
// number of standard key usage bits.
private static final int NUM_STANDARD_KEY_USAGE = 9;
// SubjectAlterntativeNames cache
// SubjectAlternativeNames cache
private Collection<List<?>> subjectAlternativeNames;
// IssuerAlternativeNames cache
@ -200,7 +200,7 @@ public class X509CertImpl extends X509Certificate implements DerEncoder {
*/
public X509CertImpl(InputStream in) throws CertificateException {
DerValue der = null;
DerValue der;
BufferedInputStream inBuffered = new BufferedInputStream(in);
@ -241,7 +241,7 @@ public class X509CertImpl extends X509Certificate implements DerEncoder {
*/
private DerValue readRFC1421Cert(InputStream in) throws IOException {
DerValue der = null;
String line = null;
String line;
BufferedReader certBufferedReader =
new BufferedReader(new InputStreamReader(in, US_ASCII));
try {
@ -419,7 +419,7 @@ public class X509CertImpl extends X509Certificate implements DerEncoder {
throw new CertificateEncodingException("Uninitialized certificate");
}
// Verify the signature ...
Signature sigVerf = null;
Signature sigVerf;
String sigName = algId.getName();
if (sigProvider.isEmpty()) {
sigVerf = Signature.getInstance(sigName);
@ -444,7 +444,7 @@ public class X509CertImpl extends X509Certificate implements DerEncoder {
verifiedPublicKey = key;
verifiedProvider = sigProvider;
if (verificationResult == false) {
if (!verificationResult) {
throw new SignatureException("Signature does not match.");
}
}
@ -473,7 +473,7 @@ public class X509CertImpl extends X509Certificate implements DerEncoder {
throw new CertificateEncodingException("Uninitialized certificate");
}
// Verify the signature ...
Signature sigVerf = null;
Signature sigVerf;
String sigName = algId.getName();
if (sigProvider == null) {
sigVerf = Signature.getInstance(sigName);
@ -497,7 +497,7 @@ public class X509CertImpl extends X509Certificate implements DerEncoder {
verificationResult = sigVerf.verify(signature);
verifiedPublicKey = key;
if (verificationResult == false) {
if (!verificationResult) {
throw new SignatureException("Signature does not match.");
}
}
@ -608,7 +608,7 @@ public class X509CertImpl extends X509Certificate implements DerEncoder {
public void checkValidity(Date date)
throws CertificateExpiredException, CertificateNotYetValidException {
CertificateValidity interval = null;
CertificateValidity interval;
try {
interval = (CertificateValidity)info.get(CertificateValidity.NAME);
} catch (Exception e) {
@ -703,11 +703,10 @@ public class X509CertImpl extends X509Certificate implements DerEncoder {
+ " be of type X509CertInfo.");
}
info = (X509CertInfo)obj;
signedCert = null; //reset this as certificate data has changed
} else {
info.set(attr.getSuffix(), obj);
signedCert = null; //reset this as certificate data has changed
}
signedCert = null; //reset this as certificate data has changed
} else {
throw new CertificateException("Attribute name not recognized or " +
"set() not allowed for the same: " + id);
@ -804,9 +803,8 @@ public class X509CertImpl extends X509Certificate implements DerEncoder {
if (info == null)
return null;
try {
PublicKey key = (PublicKey)info.get(CertificateX509Key.NAME
return (PublicKey)info.get(CertificateX509Key.NAME
+ DOT + CertificateX509Key.KEY);
return key;
} catch (Exception e) {
return null;
}
@ -850,10 +848,9 @@ public class X509CertImpl extends X509Certificate implements DerEncoder {
if (info == null)
return null;
try {
SerialNumber ser = (SerialNumber)info.get(
return (SerialNumber)info.get(
CertificateSerialNumber.NAME + DOT +
CertificateSerialNumber.NUMBER);
return ser;
} catch (Exception e) {
return null;
}
@ -870,9 +867,8 @@ public class X509CertImpl extends X509Certificate implements DerEncoder {
if (info == null)
return null;
try {
Principal subject = (Principal)info.get(X509CertInfo.SUBJECT + DOT +
return (Principal)info.get(X509CertInfo.SUBJECT + DOT +
X509CertInfo.DN_NAME);
return subject;
} catch (Exception e) {
return null;
}
@ -888,10 +884,9 @@ public class X509CertImpl extends X509Certificate implements DerEncoder {
return null;
}
try {
X500Principal subject = (X500Principal)info.get(
return (X500Principal)info.get(
X509CertInfo.SUBJECT + DOT +
"x500principal");
return subject;
} catch (Exception e) {
return null;
}
@ -907,9 +902,8 @@ public class X509CertImpl extends X509Certificate implements DerEncoder {
if (info == null)
return null;
try {
Principal issuer = (Principal)info.get(X509CertInfo.ISSUER + DOT +
return (Principal)info.get(X509CertInfo.ISSUER + DOT +
X509CertInfo.DN_NAME);
return issuer;
} catch (Exception e) {
return null;
}
@ -925,10 +919,9 @@ public class X509CertImpl extends X509Certificate implements DerEncoder {
return null;
}
try {
X500Principal issuer = (X500Principal)info.get(
return (X500Principal)info.get(
X509CertInfo.ISSUER + DOT +
"x500principal");
return issuer;
} catch (Exception e) {
return null;
}
@ -943,9 +936,8 @@ public class X509CertImpl extends X509Certificate implements DerEncoder {
if (info == null)
return null;
try {
Date d = (Date) info.get(CertificateValidity.NAME + DOT +
return (Date) info.get(CertificateValidity.NAME + DOT +
CertificateValidity.NOT_BEFORE);
return d;
} catch (Exception e) {
return null;
}
@ -960,9 +952,8 @@ public class X509CertImpl extends X509Certificate implements DerEncoder {
if (info == null)
return null;
try {
Date d = (Date) info.get(CertificateValidity.NAME + DOT +
return (Date) info.get(CertificateValidity.NAME + DOT +
CertificateValidity.NOT_AFTER);
return d;
} catch (Exception e) {
return null;
}
@ -1313,22 +1304,20 @@ public class X509CertImpl extends X509Certificate implements DerEncoder {
} catch (CertificateException ce) {
return null;
}
if (extensions == null) {
return null;
} else {
if (extensions != null) {
Extension ex = extensions.getExtension(oid.toString());
if (ex != null) {
return ex;
}
for (Extension ex2: extensions.getAllExtensions()) {
for (Extension ex2 : extensions.getAllExtensions()) {
if (ex2.getExtensionId().equals(oid)) {
//XXXX May want to consider cloning this
return ex2;
}
}
/* no such extension in this certificate */
return null;
}
return null;
} catch (IOException ioe) {
return null;
}
@ -1370,7 +1359,7 @@ public class X509CertImpl extends X509Certificate implements DerEncoder {
CertificateExtensions.NAME);
if (extAlias == null) { // may be unknown
// get the extensions, search thru' for this oid
// get the extensions, search through' for this oid
if (exts == null) {
return null;
}
@ -1382,7 +1371,7 @@ public class X509CertImpl extends X509Certificate implements DerEncoder {
break;
}
}
} else { // there's sub-class that can handle this extension
} else { // there's subclass that can handle this extension
try {
certExt = (Extension)this.get(extAlias);
} catch (CertificateException e) {
@ -1517,8 +1506,8 @@ public class X509CertImpl extends X509Certificate implements DerEncoder {
if (certExt == null)
return -1;
if (((Boolean)certExt.get(BasicConstraintsExtension.IS_CA)
).booleanValue() == true)
if (((Boolean) certExt.get(BasicConstraintsExtension.IS_CA)).
booleanValue())
return ((Integer)certExt.get(
BasicConstraintsExtension.PATH_LEN)).intValue();
else
@ -1539,7 +1528,7 @@ public class X509CertImpl extends X509Certificate implements DerEncoder {
*/
private static Collection<List<?>> makeAltNames(GeneralNames names) {
if (names.isEmpty()) {
return Collections.<List<?>>emptySet();
return Collections.emptySet();
}
List<List<?>> newNames = new ArrayList<>();
for (GeneralName gname : names.names()) {
@ -1610,6 +1599,7 @@ public class X509CertImpl extends X509Certificate implements DerEncoder {
if (nameEntry.get(1) instanceof byte[]) {
// must clone names
mustClone = true;
break;
}
}
if (mustClone) {
@ -1656,7 +1646,7 @@ public class X509CertImpl extends X509Certificate implements DerEncoder {
SubjectAlternativeNameExtension.SUBJECT_NAME);
} catch (IOException ioe) {
// should not occur
return Collections.<List<?>>emptySet();
return Collections.emptySet();
}
subjectAlternativeNames = makeAltNames(names);
return subjectAlternativeNames;
@ -1689,7 +1679,7 @@ public class X509CertImpl extends X509Certificate implements DerEncoder {
SubjectAlternativeNameExtension.SUBJECT_NAME);
} catch (IOException ioe) {
// should not occur
return Collections.<List<?>>emptySet();
return Collections.emptySet();
}
return makeAltNames(names);
} catch (IOException ioe) {
@ -1722,7 +1712,7 @@ public class X509CertImpl extends X509Certificate implements DerEncoder {
IssuerAlternativeNameExtension.ISSUER_NAME);
} catch (IOException ioe) {
// should not occur
return Collections.<List<?>>emptySet();
return Collections.emptySet();
}
issuerAlternativeNames = makeAltNames(names);
return issuerAlternativeNames;
@ -1755,7 +1745,7 @@ public class X509CertImpl extends X509Certificate implements DerEncoder {
IssuerAlternativeNameExtension.ISSUER_NAME);
} catch (IOException ioe) {
// should not occur
return Collections.<List<?>>emptySet();
return Collections.emptySet();
}
return makeAltNames(names);
} catch (IOException ioe) {
@ -1782,7 +1772,7 @@ public class X509CertImpl extends X509Certificate implements DerEncoder {
*/
private void parse(DerValue val)
throws CertificateException, IOException {
// check if can over write the certificate
// check if we can overwrite the certificate
if (readOnly)
throw new CertificateParsingException(
"cannot over-write existing certificate");
@ -1848,7 +1838,7 @@ public class X509CertImpl extends X509Certificate implements DerEncoder {
// tmp always contains serial number now
tmp = tbsIn.getDerValue(); // skip signature
tmp = tbsIn.getDerValue(); // issuer
if (getIssuer == false) {
if (!getIssuer) {
tmp = tbsIn.getDerValue(); // skip validity
tmp = tbsIn.getDerValue(); // subject
}
@ -1942,7 +1932,7 @@ public class X509CertImpl extends X509Certificate implements DerEncoder {
return false;
}
private ConcurrentHashMap<String,String> fingerprints =
private final ConcurrentHashMap<String,String> fingerprints =
new ConcurrentHashMap<>(2);
private String getFingerprint(String algorithm, Debug debug) {

12
src/java.base/share/classes/sun/security/x509/X509CertInfo.java
View file

@ -114,7 +114,7 @@ public class X509CertInfo implements CertAttrSet<String> {
private byte[] rawCertInfo = null;
// The certificate attribute name to integer mapping stored here
private static final Map<String,Integer> map = new HashMap<String,Integer>();
private static final Map<String,Integer> map = new HashMap<>();
static {
map.put(VERSION, Integer.valueOf(ATTR_VERSION));
map.put(SERIAL_NUMBER, Integer.valueOf(ATTR_SERIAL));
@ -342,7 +342,7 @@ public class X509CertInfo implements CertAttrSet<String> {
}
}
Map<String,Extension> invalid = extensions.getUnparseableExtensions();
if (invalid.isEmpty() == false) {
if (!invalid.isEmpty()) {
sb.append("\nUnparseable certificate extensions: ")
.append(invalid.size());
int i = 1;
@ -717,7 +717,7 @@ public class X509CertInfo implements CertAttrSet<String> {
*/
private void verifyCert(X500Name subject,
CertificateExtensions extensions)
throws CertificateParsingException, IOException {
throws CertificateParsingException {
// if SubjectName is empty, check for SubjectAlternativeNameExtension
if (subject.isEmpty()) {
@ -726,8 +726,8 @@ public class X509CertInfo implements CertAttrSet<String> {
"incomplete: subject field is empty, and certificate " +
"has no extensions");
}
SubjectAlternativeNameExtension subjectAltNameExt = null;
GeneralNames names = null;
SubjectAlternativeNameExtension subjectAltNameExt;
GeneralNames names;
try {
subjectAltNameExt = (SubjectAlternativeNameExtension)
extensions.get(SubjectAlternativeNameExtension.NAME);
@ -744,7 +744,7 @@ public class X509CertInfo implements CertAttrSet<String> {
throw new CertificateParsingException("X.509 Certificate is " +
"incomplete: subject field is empty, and " +
"SubjectAlternativeName extension is empty");
} else if (subjectAltNameExt.isCritical() == false) {
} else if (!subjectAltNameExt.isCritical()) {
throw new CertificateParsingException("X.509 Certificate is " +
"incomplete: SubjectAlternativeName extension MUST " +
"be marked critical when subject field is empty");

5
src/java.base/share/classes/sun/security/x509/X509Key.java
View file

@ -270,8 +270,7 @@ public class X509Key implements PublicKey {
throw new IOException (classname + " [internal error]");
}
X509Key result = new X509Key(algid, key);
return result;
return new X509Key(algid, key);
}
/**
@ -426,7 +425,7 @@ public class X509Key implements PublicKey {
if (this == obj) {
return true;
}
if (obj instanceof Key == false) {
if (!(obj instanceof Key)) {
return false;
}
try {