archive/jdk
1
0
Fork 0
mirror of https://github.com/openjdk/jdk.git synced 2025-08-28 15:24:43 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

8259385: Cleanup unused assignment

Browse source 
Reviewed-by: attila
This commit is contained in:
Xue-Lei Andrew Fan 2021-01-11 00:33:22 +00:00
parent 9154f64349
commit b72de3c5fc
18 changed files with 70 additions and 79 deletions
Download patch file Download diff file Expand all files Collapse all files

2
src/java.base/share/classes/sun/security/ssl/CertStatusExtension.java
View file

@ -1103,7 +1103,7 @@ final class CertStatusExtension {
public byte[] produce(ConnectionContext context, public byte[] produce(ConnectionContext context,
HandshakeMessage message) throws IOException { HandshakeMessage message) throws IOException {
ServerHandshakeContext shc = (ServerHandshakeContext)context; ServerHandshakeContext shc = (ServerHandshakeContext)context;
byte[] producedData = null; byte[] producedData;
// Stapling needs to be active and have valid data to proceed // Stapling needs to be active and have valid data to proceed
if (shc.stapleParams == null) { if (shc.stapleParams == null) {

44
src/java.base/share/classes/sun/security/ssl/CertificateStatus.java
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 2015, 2019, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 2015, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -85,8 +85,8 @@ final class CertificateStatus {
static final class CertificateStatusMessage extends HandshakeMessage { static final class CertificateStatusMessage extends HandshakeMessage {
final CertStatusRequestType statusType; final CertStatusRequestType statusType;
int encodedResponsesLen = 0; final int encodedResponsesLen;
int messageLength = -1; final int messageLength;
final List<byte[]> encodedResponses = new ArrayList<>(); final List<byte[]> encodedResponses = new ArrayList<>();
CertificateStatusMessage(HandshakeContext handshakeContext) { CertificateStatusMessage(HandshakeContext handshakeContext) {
@ -114,6 +114,7 @@ final class CertificateStatus {
// Walk the certificate list and add the correct encoded responses // Walk the certificate list and add the correct encoded responses
// to the encoded responses list // to the encoded responses list
statusType = stapleParams.statReqType; statusType = stapleParams.statReqType;
int encodedLen = 0;
if (statusType == CertStatusRequestType.OCSP) { if (statusType == CertStatusRequestType.OCSP) {
// Just worry about the first cert in the chain // Just worry about the first cert in the chain
byte[] resp = stapleParams.responseMap.get(certChain[0]); byte[] resp = stapleParams.responseMap.get(certChain[0]);
@ -124,7 +125,7 @@ final class CertificateStatus {
resp = new byte[0]; resp = new byte[0];
} }
encodedResponses.add(resp); encodedResponses.add(resp);
encodedResponsesLen += resp.length + 3; encodedLen += resp.length + 3;
} else if (statusType == CertStatusRequestType.OCSP_MULTI) { } else if (statusType == CertStatusRequestType.OCSP_MULTI) {
for (X509Certificate cert : certChain) { for (X509Certificate cert : certChain) {
byte[] resp = stapleParams.responseMap.get(cert); byte[] resp = stapleParams.responseMap.get(cert);
@ -132,14 +133,15 @@ final class CertificateStatus {
resp = new byte[0]; resp = new byte[0];
} }
encodedResponses.add(resp); encodedResponses.add(resp);
encodedResponsesLen += resp.length + 3; encodedLen += resp.length + 3;
} }
} else { } else {
throw new IllegalArgumentException( throw new IllegalArgumentException(
"Unsupported StatusResponseType: " + statusType); "Unsupported StatusResponseType: " + statusType);
} }
messageLength = messageLength(); encodedResponsesLen = encodedLen;
messageLength = messageLength(statusType, encodedResponsesLen);
} }
CertificateStatusMessage(HandshakeContext handshakeContext, CertificateStatusMessage(HandshakeContext handshakeContext,
@ -182,7 +184,18 @@ final class CertificateStatus {
Alert.HANDSHAKE_FAILURE, Alert.HANDSHAKE_FAILURE,
"Unsupported StatusResponseType: " + statusType); "Unsupported StatusResponseType: " + statusType);
} }
messageLength = messageLength(); messageLength = messageLength(statusType, encodedResponsesLen);
}
private static int messageLength(
CertStatusRequestType statusType, int encodedResponsesLen) {
if (statusType == CertStatusRequestType.OCSP) {
return 1 + encodedResponsesLen;
} else if (statusType == CertStatusRequestType.OCSP_MULTI) {
return 4 + encodedResponsesLen;
}
return -1;
} }
@Override @Override
@ -192,17 +205,6 @@ final class CertificateStatus {
@Override @Override
public int messageLength() { public int messageLength() {
int len = 1;
if (messageLength == -1) {
if (statusType == CertStatusRequestType.OCSP) {
len += encodedResponsesLen;
} else if (statusType == CertStatusRequestType.OCSP_MULTI) {
len += 3 + encodedResponsesLen;
}
messageLength = len;
}
return messageLength; return messageLength;
} }
@ -214,11 +216,7 @@ final class CertificateStatus {
} else if (statusType == CertStatusRequestType.OCSP_MULTI) { } else if (statusType == CertStatusRequestType.OCSP_MULTI) {
s.putInt24(encodedResponsesLen); s.putInt24(encodedResponsesLen);
for (byte[] respBytes : encodedResponses) { for (byte[] respBytes : encodedResponses) {
if (respBytes != null) { s.putBytes24(respBytes);
s.putBytes24(respBytes);
} else {
s.putBytes24(null);
}
} }
} else { } else {
// It is highly unlikely that we will fall into this section // It is highly unlikely that we will fall into this section

30
src/java.base/share/classes/sun/security/ssl/CertificateVerify.java
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 2015, 2020, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 2015, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -74,7 +74,7 @@ final class CertificateVerify {
// This happens in client side only. // This happens in client side only.
ClientHandshakeContext chc = (ClientHandshakeContext)context; ClientHandshakeContext chc = (ClientHandshakeContext)context;
byte[] temproary = null; byte[] temporary;
String algorithm = x509Possession.popPrivateKey.getAlgorithm(); String algorithm = x509Possession.popPrivateKey.getAlgorithm();
try { try {
Signature signer = Signature signer =
@ -82,7 +82,7 @@ final class CertificateVerify {
byte[] hashes = chc.handshakeHash.digest(algorithm, byte[] hashes = chc.handshakeHash.digest(algorithm,
chc.handshakeSession.getMasterSecret()); chc.handshakeSession.getMasterSecret());
signer.update(hashes); signer.update(hashes);
temproary = signer.sign(); temporary = signer.sign();
} catch (NoSuchAlgorithmException nsae) { } catch (NoSuchAlgorithmException nsae) {
throw chc.conContext.fatal(Alert.INTERNAL_ERROR, throw chc.conContext.fatal(Alert.INTERNAL_ERROR,
"Unsupported signature algorithm (" + algorithm + "Unsupported signature algorithm (" + algorithm +
@ -92,7 +92,7 @@ final class CertificateVerify {
"Cannot produce CertificateVerify signature", gse); "Cannot produce CertificateVerify signature", gse);
} }
this.signature = temproary; this.signature = temporary;
} }
S30CertificateVerifyMessage(HandshakeContext context, S30CertificateVerifyMessage(HandshakeContext context,
@ -194,7 +194,7 @@ final class CertificateVerify {
*/ */
private static Signature getSignature(String algorithm, private static Signature getSignature(String algorithm,
Key key) throws GeneralSecurityException { Key key) throws GeneralSecurityException {
Signature signer = null; Signature signer;
switch (algorithm) { switch (algorithm) {
case "RSA": case "RSA":
signer = Signature.getInstance(JsseJce.SIGNATURE_RAWRSA); signer = Signature.getInstance(JsseJce.SIGNATURE_RAWRSA);
@ -330,14 +330,14 @@ final class CertificateVerify {
// This happens in client side only. // This happens in client side only.
ClientHandshakeContext chc = (ClientHandshakeContext)context; ClientHandshakeContext chc = (ClientHandshakeContext)context;
byte[] temproary = null; byte[] temporary;
String algorithm = x509Possession.popPrivateKey.getAlgorithm(); String algorithm = x509Possession.popPrivateKey.getAlgorithm();
try { try {
Signature signer = Signature signer =
getSignature(algorithm, x509Possession.popPrivateKey); getSignature(algorithm, x509Possession.popPrivateKey);
byte[] hashes = chc.handshakeHash.digest(algorithm); byte[] hashes = chc.handshakeHash.digest(algorithm);
signer.update(hashes); signer.update(hashes);
temproary = signer.sign(); temporary = signer.sign();
} catch (NoSuchAlgorithmException nsae) { } catch (NoSuchAlgorithmException nsae) {
throw chc.conContext.fatal(Alert.INTERNAL_ERROR, throw chc.conContext.fatal(Alert.INTERNAL_ERROR,
"Unsupported signature algorithm (" + algorithm + "Unsupported signature algorithm (" + algorithm +
@ -347,7 +347,7 @@ final class CertificateVerify {
"Cannot produce CertificateVerify signature", gse); "Cannot produce CertificateVerify signature", gse);
} }
this.signature = temproary; this.signature = temporary;
} }
T10CertificateVerifyMessage(HandshakeContext context, T10CertificateVerifyMessage(HandshakeContext context,
@ -448,7 +448,7 @@ final class CertificateVerify {
*/ */
private static Signature getSignature(String algorithm, private static Signature getSignature(String algorithm,
Key key) throws GeneralSecurityException { Key key) throws GeneralSecurityException {
Signature signer = null; Signature signer;
switch (algorithm) { switch (algorithm) {
case "RSA": case "RSA":
signer = Signature.getInstance(JsseJce.SIGNATURE_RAWRSA); signer = Signature.getInstance(JsseJce.SIGNATURE_RAWRSA);
@ -605,17 +605,17 @@ final class CertificateVerify {
} }
this.signatureScheme = schemeAndSigner.getKey(); this.signatureScheme = schemeAndSigner.getKey();
byte[] temproary = null; byte[] temporary;
try { try {
Signature signer = schemeAndSigner.getValue(); Signature signer = schemeAndSigner.getValue();
signer.update(chc.handshakeHash.archived()); signer.update(chc.handshakeHash.archived());
temproary = signer.sign(); temporary = signer.sign();
} catch (SignatureException ikse) { } catch (SignatureException ikse) {
throw chc.conContext.fatal(Alert.HANDSHAKE_FAILURE, throw chc.conContext.fatal(Alert.HANDSHAKE_FAILURE,
"Cannot produce CertificateVerify signature", ikse); "Cannot produce CertificateVerify signature", ikse);
} }
this.signature = temproary; this.signature = temporary;
} }
T12CertificateVerifyMessage(HandshakeContext handshakeContext, T12CertificateVerifyMessage(HandshakeContext handshakeContext,
@ -930,17 +930,17 @@ final class CertificateVerify {
serverSignHead.length, hashValue.length); serverSignHead.length, hashValue.length);
} }
byte[] temproary = null; byte[] temporary;
try { try {
Signature signer = schemeAndSigner.getValue(); Signature signer = schemeAndSigner.getValue();
signer.update(contentCovered); signer.update(contentCovered);
temproary = signer.sign(); temporary = signer.sign();
} catch (SignatureException ikse) { } catch (SignatureException ikse) {
throw context.conContext.fatal(Alert.HANDSHAKE_FAILURE, throw context.conContext.fatal(Alert.HANDSHAKE_FAILURE,
"Cannot produce CertificateVerify signature", ikse); "Cannot produce CertificateVerify signature", ikse);
} }
this.signature = temproary; this.signature = temporary;
} }
T13CertificateVerifyMessage(HandshakeContext context, T13CertificateVerifyMessage(HandshakeContext context,

6
src/java.base/share/classes/sun/security/ssl/DHServerKeyExchange.java
View file

@ -123,7 +123,7 @@ final class DHServerKeyExchange {
} else { } else {
useExplicitSigAlgorithm = useExplicitSigAlgorithm =
shc.negotiatedProtocol.useTLS12PlusSpec(); shc.negotiatedProtocol.useTLS12PlusSpec();
Signature signer = null; Signature signer;
if (useExplicitSigAlgorithm) { if (useExplicitSigAlgorithm) {
Map.Entry<SignatureScheme, Signature> schemeAndSigner = Map.Entry<SignatureScheme, Signature> schemeAndSigner =
SignatureScheme.getSignerOfPreferableAlgorithm( SignatureScheme.getSignerOfPreferableAlgorithm(
@ -155,7 +155,7 @@ final class DHServerKeyExchange {
} }
} }
byte[] signature = null; byte[] signature;
try { try {
updateSignature(signer, shc.clientHelloRandom.randomBytes, updateSignature(signer, shc.clientHelloRandom.randomBytes,
shc.serverHelloRandom.randomBytes); shc.serverHelloRandom.randomBytes);
@ -415,7 +415,7 @@ final class DHServerKeyExchange {
private static Signature getSignature(String keyAlgorithm, private static Signature getSignature(String keyAlgorithm,
Key key) throws NoSuchAlgorithmException, InvalidKeyException { Key key) throws NoSuchAlgorithmException, InvalidKeyException {
Signature signer = null; Signature signer;
switch (keyAlgorithm) { switch (keyAlgorithm) {
case "DSA": case "DSA":
signer = Signature.getInstance(JsseJce.SIGNATURE_DSA); signer = Signature.getInstance(JsseJce.SIGNATURE_DSA);

2
src/java.base/share/classes/sun/security/ssl/DTLSInputRecord.java
View file

@ -1118,7 +1118,7 @@ final class DTLSInputRecord extends InputRecord implements DTLSRecord {
bufferedFragments.remove(rFrag); // popup the fragment bufferedFragments.remove(rFrag); // popup the fragment
ByteBuffer fragment = ByteBuffer.wrap(rFrag.fragment); ByteBuffer fragment = ByteBuffer.wrap(rFrag.fragment);
ByteBuffer plaintextFragment = null; ByteBuffer plaintextFragment;
try { try {
Plaintext plaintext = readCipher.decrypt( Plaintext plaintext = readCipher.decrypt(
rFrag.contentType, fragment, rFrag.recordEnS); rFrag.contentType, fragment, rFrag.recordEnS);

2
src/java.base/share/classes/sun/security/ssl/ECDHClientKeyExchange.java
View file

@ -367,7 +367,6 @@ final class ECDHClientKeyExchange {
SSLCredentials sslCredentials = null; SSLCredentials sslCredentials = null;
NamedGroup ng = null; NamedGroup ng = null;
PublicKey publicKey = null;
// Find a good EC/XEC credential to use, determine the // Find a good EC/XEC credential to use, determine the
// NamedGroup to use for creating Possessions/Credentials/Keys. // NamedGroup to use for creating Possessions/Credentials/Keys.
@ -375,7 +374,6 @@ final class ECDHClientKeyExchange {
if (cd instanceof NamedGroupCredentials) { if (cd instanceof NamedGroupCredentials) {
NamedGroupCredentials creds = (NamedGroupCredentials)cd; NamedGroupCredentials creds = (NamedGroupCredentials)cd;
ng = creds.getNamedGroup(); ng = creds.getNamedGroup();
publicKey = creds.getPublicKey();
sslCredentials = cd; sslCredentials = cd;
break; break;
} }

6
src/java.base/share/classes/sun/security/ssl/ECDHServerKeyExchange.java
View file

@ -133,7 +133,7 @@ final class ECDHServerKeyExchange {
} else { } else {
useExplicitSigAlgorithm = useExplicitSigAlgorithm =
shc.negotiatedProtocol.useTLS12PlusSpec(); shc.negotiatedProtocol.useTLS12PlusSpec();
Signature signer = null; Signature signer;
if (useExplicitSigAlgorithm) { if (useExplicitSigAlgorithm) {
Map.Entry<SignatureScheme, Signature> schemeAndSigner = Map.Entry<SignatureScheme, Signature> schemeAndSigner =
SignatureScheme.getSignerOfPreferableAlgorithm( SignatureScheme.getSignerOfPreferableAlgorithm(
@ -165,7 +165,7 @@ final class ECDHServerKeyExchange {
} }
} }
byte[] signature = null; byte[] signature;
try { try {
updateSignature(signer, shc.clientHelloRandom.randomBytes, updateSignature(signer, shc.clientHelloRandom.randomBytes,
shc.serverHelloRandom.randomBytes, shc.serverHelloRandom.randomBytes,
@ -419,7 +419,7 @@ final class ECDHServerKeyExchange {
private static Signature getSignature(String keyAlgorithm, private static Signature getSignature(String keyAlgorithm,
Key key) throws NoSuchAlgorithmException, InvalidKeyException { Key key) throws NoSuchAlgorithmException, InvalidKeyException {
Signature signer = null; Signature signer;
switch (keyAlgorithm) { switch (keyAlgorithm) {
case "EC": case "EC":
signer = Signature.getInstance(JsseJce.SIGNATURE_ECDSA); signer = Signature.getInstance(JsseJce.SIGNATURE_ECDSA);

2
src/java.base/share/classes/sun/security/ssl/Finished.java
View file

@ -79,7 +79,7 @@ final class Finished {
VerifyDataScheme vds = VerifyDataScheme vds =
VerifyDataScheme.valueOf(context.negotiatedProtocol); VerifyDataScheme.valueOf(context.negotiatedProtocol);
byte[] vd = null; byte[] vd;
try { try {
vd = vds.createVerifyData(context, false); vd = vds.createVerifyData(context, false);
} catch (IOException ioe) { } catch (IOException ioe) {

2
src/java.base/share/classes/sun/security/ssl/OutputRecord.java
View file

@ -486,7 +486,7 @@ abstract class OutputRecord
} }
// use the right TLSCiphertext.opaque_type and legacy_record_version // use the right TLSCiphertext.opaque_type and legacy_record_version
ProtocolVersion pv = protocolVersion; ProtocolVersion pv;
if (!encCipher.isNullCipher()) { if (!encCipher.isNullCipher()) {
pv = ProtocolVersion.TLS12; pv = ProtocolVersion.TLS12;
contentType = ContentType.APPLICATION_DATA.id; contentType = ContentType.APPLICATION_DATA.id;

4
src/java.base/share/classes/sun/security/ssl/RSAKeyExchange.java
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 2018, 2019, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 2018, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -135,7 +135,7 @@ final class RSAKeyExchange {
byte[] encrypted) throws GeneralSecurityException { byte[] encrypted) throws GeneralSecurityException {
byte[] encoded = null; byte[] encoded = null;
boolean needFailover = false; boolean needFailover;
Cipher cipher = Cipher.getInstance(JsseJce.CIPHER_RSA_PKCS1); Cipher cipher = Cipher.getInstance(JsseJce.CIPHER_RSA_PKCS1);
try { try {
// Try UNWRAP_MODE mode firstly. // Try UNWRAP_MODE mode firstly.

4
src/java.base/share/classes/sun/security/ssl/RSAServerKeyExchange.java
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 2018, 2019, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 2018, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -83,7 +83,7 @@ final class RSAServerKeyExchange {
RSAPublicKeySpec spec = JsseJce.getRSAPublicKeySpec(publicKey); RSAPublicKeySpec spec = JsseJce.getRSAPublicKeySpec(publicKey);
this.modulus = Utilities.toByteArray(spec.getModulus()); this.modulus = Utilities.toByteArray(spec.getModulus());
this.exponent = Utilities.toByteArray(spec.getPublicExponent()); this.exponent = Utilities.toByteArray(spec.getPublicExponent());
byte[] signature = null; byte[] signature;
try { try {
Signature signer = RSASignature.getInstance(); Signature signer = RSASignature.getInstance();
signer.initSign(x509Possession.popPrivateKey, signer.initSign(x509Possession.popPrivateKey,

10
src/java.base/share/classes/sun/security/ssl/SSLCipher.java
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 2018, 2020, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 2018, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -2200,7 +2200,7 @@ enum SSLCipher {
// DON'T decrypt the nonce_explicit for AEAD mode. The buffer // DON'T decrypt the nonce_explicit for AEAD mode. The buffer
// position has moved out of the nonce_explicit range. // position has moved out of the nonce_explicit range.
int len = bb.remaining(); int len;
int pos = bb.position(); int pos = bb.position();
ByteBuffer dup = bb.duplicate(); ByteBuffer dup = bb.duplicate();
try { try {
@ -2320,7 +2320,6 @@ enum SSLCipher {
cipher.updateAAD(aad); cipher.updateAAD(aad);
// DON'T encrypt the nonce for AEAD mode. // DON'T encrypt the nonce for AEAD mode.
int len = bb.remaining();
int pos = bb.position(); int pos = bb.position();
if (SSLLogger.isOn && SSLLogger.isOn("plaintext")) { if (SSLLogger.isOn && SSLLogger.isOn("plaintext")) {
SSLLogger.fine( SSLLogger.fine(
@ -2339,6 +2338,7 @@ enum SSLCipher {
bb.limit(pos + outputSize); bb.limit(pos + outputSize);
} }
int len;
try { try {
len = cipher.doFinal(dup, bb); len = cipher.doFinal(dup, bb);
} catch (IllegalBlockSizeException | } catch (IllegalBlockSizeException |
@ -2470,7 +2470,7 @@ enum SSLCipher {
contentType, bb.remaining(), sn); contentType, bb.remaining(), sn);
cipher.updateAAD(aad); cipher.updateAAD(aad);
int len = bb.remaining(); int len;
int pos = bb.position(); int pos = bb.position();
ByteBuffer dup = bb.duplicate(); ByteBuffer dup = bb.duplicate();
try { try {
@ -2602,7 +2602,6 @@ enum SSLCipher {
contentType, outputSize, sn); contentType, outputSize, sn);
cipher.updateAAD(aad); cipher.updateAAD(aad);
int len = bb.remaining();
int pos = bb.position(); int pos = bb.position();
if (SSLLogger.isOn && SSLLogger.isOn("plaintext")) { if (SSLLogger.isOn && SSLLogger.isOn("plaintext")) {
SSLLogger.fine( SSLLogger.fine(
@ -2620,6 +2619,7 @@ enum SSLCipher {
bb.limit(pos + outputSize); bb.limit(pos + outputSize);
} }
int len;
try { try {
len = cipher.doFinal(dup, bb); len = cipher.doFinal(dup, bb);
} catch (IllegalBlockSizeException | } catch (IllegalBlockSizeException |

8
src/java.base/share/classes/sun/security/ssl/SSLContextImpl.java
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 1999, 2020, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 1999, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -1023,9 +1023,7 @@ public abstract class SSLContextImpl extends SSLContextSpi {
passwd = defaultKeyStorePassword.toCharArray(); passwd = defaultKeyStorePassword.toCharArray();
} }
/** // Try to initialize key store.
* Try to initialize key store.
*/
if ((defaultKeyStoreType.length()) != 0) { if ((defaultKeyStoreType.length()) != 0) {
if (SSLLogger.isOn && SSLLogger.isOn("ssl,defaultctx")) { if (SSLLogger.isOn && SSLLogger.isOn("ssl,defaultctx")) {
SSLLogger.finest("init keystore"); SSLLogger.finest("init keystore");
@ -1304,7 +1302,7 @@ public abstract class SSLContextImpl extends SSLContextSpi {
private static final List<CipherSuite> clientDefaultCipherSuites; private static final List<CipherSuite> clientDefaultCipherSuites;
private static final List<CipherSuite> serverDefaultCipherSuites; private static final List<CipherSuite> serverDefaultCipherSuites;
private static IllegalArgumentException reservedException = null; private static IllegalArgumentException reservedException;
// Don't want a java.lang.LinkageError for illegal system property. // Don't want a java.lang.LinkageError for illegal system property.
// //

5
src/java.base/share/classes/sun/security/ssl/SSLEngineInputRecord.java
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 1996, 2020, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 1996, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -75,8 +75,7 @@ final class SSLEngineInputRecord extends InputRecord implements SSLRecord {
int pos = packet.position(); int pos = packet.position();
byte byteZero = packet.get(pos); byte byteZero = packet.get(pos);
int len;
int len = 0;
/* /*
* If we have already verified previous packets, we can * If we have already verified previous packets, we can

6
src/java.base/share/classes/sun/security/ssl/SSLSessionImpl.java
View file

@ -307,9 +307,6 @@ final class SSLSessionImpl extends ExtendedSSLSession {
*/ */
SSLSessionImpl(HandshakeContext hc, ByteBuffer buf) throws IOException { SSLSessionImpl(HandshakeContext hc, ByteBuffer buf) throws IOException {
int i = 0;
byte[] b;
boundValues = new ConcurrentHashMap<>(); boundValues = new ConcurrentHashMap<>();
this.protocolVersion = this.protocolVersion =
ProtocolVersion.valueOf(Short.toUnsignedInt(buf.getShort())); ProtocolVersion.valueOf(Short.toUnsignedInt(buf.getShort()));
@ -323,7 +320,7 @@ final class SSLSessionImpl extends ExtendedSSLSession {
// Local Supported signature algorithms // Local Supported signature algorithms
ArrayList<SignatureScheme> list = new ArrayList<>(); ArrayList<SignatureScheme> list = new ArrayList<>();
i = Byte.toUnsignedInt(buf.get()); int i = Byte.toUnsignedInt(buf.get());
while (i-- > 0) { while (i-- > 0) {
list.add(SignatureScheme.valueOf( list.add(SignatureScheme.valueOf(
Short.toUnsignedInt(buf.getShort()))); Short.toUnsignedInt(buf.getShort())));
@ -340,6 +337,7 @@ final class SSLSessionImpl extends ExtendedSSLSession {
this.peerSupportedSignAlgs = Collections.unmodifiableCollection(list); this.peerSupportedSignAlgs = Collections.unmodifiableCollection(list);
// PSK // PSK
byte[] b;
i = Short.toUnsignedInt(buf.getShort()); i = Short.toUnsignedInt(buf.getShort());
if (i > 0) { if (i > 0) {
b = new byte[i]; b = new byte[i];

4
src/java.base/share/classes/sun/security/ssl/SSLSocketInputRecord.java
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 1996, 2020, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 1996, 2021, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2020, Azul Systems, Inc. All rights reserved. * Copyright (c) 2020, Azul Systems, Inc. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
@ -74,7 +74,7 @@ final class SSLSocketInputRecord extends InputRecord implements SSLRecord {
} }
byte byteZero = header[0]; byte byteZero = header[0];
int len = 0; int len;
/* /*
* If we have already verified previous packets, we can * If we have already verified previous packets, we can

4
src/java.base/share/classes/sun/security/ssl/SSLTransport.java
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 2018, 2019, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 2018, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -104,7 +104,7 @@ interface SSLTransport {
ByteBuffer[] srcs, int srcsOffset, int srcsLength, ByteBuffer[] srcs, int srcsOffset, int srcsLength,
ByteBuffer[] dsts, int dstsOffset, int dstsLength) throws IOException { ByteBuffer[] dsts, int dstsOffset, int dstsLength) throws IOException {
Plaintext[] plaintexts = null; Plaintext[] plaintexts;
try { try {
plaintexts = plaintexts =
context.inputRecord.decode(srcs, srcsOffset, srcsLength); context.inputRecord.decode(srcs, srcsOffset, srcsLength);

8
src/java.base/share/classes/sun/security/ssl/X509TrustManagerImpl.java
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 1997, 2019, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 1997, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -156,7 +156,7 @@ final class X509TrustManagerImpl extends X509ExtendedTrustManager
"null or zero-length authentication type"); "null or zero-length authentication type");
} }
Validator v = null; Validator v;
if (checkClientTrusted) { if (checkClientTrusted) {
v = clientValidator; v = clientValidator;
if (v == null) { if (v == null) {
@ -197,7 +197,7 @@ final class X509TrustManagerImpl extends X509ExtendedTrustManager
boolean checkClientTrusted) throws CertificateException { boolean checkClientTrusted) throws CertificateException {
Validator v = checkTrustedInit(chain, authType, checkClientTrusted); Validator v = checkTrustedInit(chain, authType, checkClientTrusted);
X509Certificate[] trustedChain = null; X509Certificate[] trustedChain;
if ((socket != null) && socket.isConnected() && if ((socket != null) && socket.isConnected() &&
(socket instanceof SSLSocket)) { (socket instanceof SSLSocket)) {
@ -254,7 +254,7 @@ final class X509TrustManagerImpl extends X509ExtendedTrustManager
boolean checkClientTrusted) throws CertificateException { boolean checkClientTrusted) throws CertificateException {
Validator v = checkTrustedInit(chain, authType, checkClientTrusted); Validator v = checkTrustedInit(chain, authType, checkClientTrusted);
X509Certificate[] trustedChain = null; X509Certificate[] trustedChain;
if (engine != null) { if (engine != null) {
SSLSession session = engine.getHandshakeSession(); SSLSession session = engine.getHandshakeSession();
if (session == null) { if (session == null) {