8344310: Remove Security Manager dependencies from javax.crypto and com.sun.crypto packages

Reviewed-by: jpai, ascarpino

src/java.base/share/classes/com/sun/crypto/provider/DHKeyAgreement.java

@@ -56,14 +56,8 @@ extends KeyAgreementSpi {
 
     private static class AllowKDF {
 
-        private static final boolean VALUE = getValue();
-
-        @SuppressWarnings("removal")
-        private static boolean getValue() {
-            return AccessController.doPrivileged(
-                (PrivilegedAction<Boolean>)
-                () -> Boolean.getBoolean("jdk.crypto.KeyAgreement.legacyKDF"));
-        }
+        private static final boolean VALUE =
+            Boolean.getBoolean("jdk.crypto.KeyAgreement.legacyKDF");
     }
 
     /**

src/java.base/share/classes/com/sun/crypto/provider/JceKeyStore.java

@@ -30,14 +30,12 @@ import sun.security.util.IOUtils;
 
 import java.io.*;
 import java.util.*;
-import java.security.AccessController;
 import java.security.DigestInputStream;
 import java.security.DigestOutputStream;
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
 import java.security.Key;
 import java.security.PrivateKey;
-import java.security.PrivilegedAction;
 import java.security.KeyStoreSpi;
 import java.security.KeyStoreException;
 import java.security.UnrecoverableKeyException;
@@ -835,15 +833,9 @@ public final class JceKeyStore extends KeyStoreSpi {
                         // read the sealed key
                         try {
                             ois = new ObjectInputStream(dis);
-                            final ObjectInputStream ois2 = ois;
                             // Set a deserialization checker
-                            @SuppressWarnings("removal")
-                            var dummy = AccessController.doPrivileged(
-                                (PrivilegedAction<Void>)() -> {
-                                    ois2.setObjectInputFilter(
-                                        new DeserializationChecker(fullLength));
-                                    return null;
-                            });
+                            ois.setObjectInputFilter(
+                                new DeserializationChecker(fullLength));
                             entry.sealedKey = (SealedObject)ois.readObject();
                             entry.maxLength = fullLength;
                             // NOTE: don't close ois here since we are still

src/java.base/share/classes/com/sun/crypto/provider/SealedObjectForKeyProtector.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1998, 2021, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1998, 2024, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -73,18 +73,13 @@ final class SealedObjectForKeyProtector extends SealedObject {
         return params;
     }
 
-    @SuppressWarnings("removal")
     final Key getKey(Cipher c, int maxLength)
             throws IOException, ClassNotFoundException, IllegalBlockSizeException,
             BadPaddingException {
 
         try (ObjectInputStream ois = SharedSecrets.getJavaxCryptoSealedObjectAccess()
                 .getExtObjectInputStream(this, c)) {
-            AccessController.doPrivileged(
-                    (PrivilegedAction<Void>) () -> {
-                        ois.setObjectInputFilter(new DeserializationChecker(maxLength));
-                        return null;
-                    });
+                ois.setObjectInputFilter(new DeserializationChecker(maxLength));
             try {
                 @SuppressWarnings("unchecked")
                 Key t = (Key) ois.readObject();
@@ -113,16 +108,8 @@ final class SealedObjectForKeyProtector extends SealedObject {
         private static final ObjectInputFilter OWN_FILTER;
 
         static {
-            @SuppressWarnings("removal")
-            String prop = AccessController.doPrivileged(
-                    (PrivilegedAction<String>) () -> {
-                        String tmp = System.getProperty(KEY_SERIAL_FILTER);
-                        if (tmp != null) {
-                            return tmp;
-                        } else {
-                            return Security.getProperty(KEY_SERIAL_FILTER);
-                        }
-                    });
+            String prop = System.getProperty(
+                 KEY_SERIAL_FILTER, Security.getProperty(KEY_SERIAL_FILTER));
             OWN_FILTER = prop == null
                     ? null
                     : ObjectInputFilter.Config.createFilter(prop);

src/java.base/share/classes/com/sun/crypto/provider/SunJCE.java

@@ -25,10 +25,8 @@
 
 package com.sun.crypto.provider;
 
-import java.security.AccessController;
 import java.security.Provider;
 import java.security.SecureRandom;
-import java.security.PrivilegedAction;
 import java.util.HashMap;
 import java.util.List;
 import static sun.security.util.SecurityConstants.PROVIDER_VER;
@@ -121,24 +119,12 @@ public final class SunJCE extends Provider {
                    attrs));
     }
 
-    @SuppressWarnings("removal")
     public SunJCE() {
         /* We are the "SunJCE" provider */
         super("SunJCE", PROVIDER_VER, info);
 
-        // if there is no security manager installed, put directly into
-        // the provider
-        if (System.getSecurityManager() == null) {
-            putEntries();
-        } else {
-            AccessController.doPrivileged(new PrivilegedAction<Void>() {
-                @Override
-                public Void run() {
-                    putEntries();
-                    return null;
-                }
-            });
-        }
+        putEntries();
+
         if (instance == null) {
             instance = this;
         }