From 514cead43ee8e0782b89f3be4184bacb912ddda3 Mon Sep 17 00:00:00 2001 From: "Gerlach, Winfried" Date: Fri, 14 Mar 2025 00:33:05 +0100 Subject: [PATCH] reduce number of Error Prone warnings and some other IDE warnings --- .../bouncycastle/asn1/BERBitStringParser.java | 1 + .../asn1/BEROctetStringParser.java | 1 + .../bouncycastle/asn1/BERSequenceParser.java | 1 + .../org/bouncycastle/asn1/BERSetParser.java | 1 + .../org/bouncycastle/asn1/DERExternal.java | 1 + .../asn1/DEROctetStringParser.java | 1 + .../bouncycastle/asn1/DLBitStringParser.java | 1 + .../org/bouncycastle/asn1/DLExternal.java | 1 + .../bouncycastle/asn1/DLSequenceParser.java | 1 + .../org/bouncycastle/asn1/DLSetParser.java | 1 + .../asn1/pkcs/PKCSObjectIdentifiers.java | 8 ++ .../asn1/x509/SubjectPublicKeyInfo.java | 3 + .../crypto/AsymmetricCipherKeyPair.java | 1 + .../crypto/engines/AESEngine.java | 1 + .../crypto/engines/RSABlindedEngine.java | 2 +- .../crypto/modes/SICBlockCipher.java | 1 + .../params/SAKKEPublicKeyParameters.java | 2 +- .../org/bouncycastle/math/ec/ECCurve.java | 3 + .../bouncycastle/pqc/asn1/CMCEPublicKey.java | 1 + .../pqc/asn1/FalconPublicKey.java | 1 + .../bouncycastle/pqc/asn1/KyberPublicKey.java | 1 + .../pqc/asn1/PQCObjectIdentifiers.java | 8 ++ .../pqc/asn1/SPHINCSPLUSPrivateKey.java | 1 + .../pqc/asn1/SPHINCSPLUSPublicKey.java | 1 + .../dilithium/DilithiumParameters.java | 1 + .../DilithiumPrivateKeyParameters.java | 1 + .../mldsa/MLDSAPrivateKeyParameters.java | 1 + .../sphincsplus/SPHINCSPlusParameters.java | 1 + .../xmss/XMSSMTPrivateKeyParameters.java | 1 + .../xmss/XMSSMTPublicKeyParameters.java | 1 + .../crypto/xmss/XMSSPrivateKeyParameters.java | 1 + .../crypto/xmss/XMSSPublicKeyParameters.java | 1 + .../xmss/XMSSStoreableObjectInterface.java | 3 +- .../legacy/math/linearalgebra/ByteUtils.java | 1 + .../math/linearalgebra/IntegerFunctions.java | 5 +- .../org/bouncycastle/util/Fingerprint.java | 2 + .../main/java/org/bouncycastle/util/Pack.java | 1 + .../smime/validator/SignedMailValidator.java | 32 ++++---- .../mls/client/MLSClientImpl.java | 58 +++++++------- .../bouncycastle/mls/codec/GroupContext.java | 4 +- .../org/bouncycastle/mls/protocol/Group.java | 80 +++++++++---------- .../bouncycastle/pkix/jcajce/PKIXCRLUtil.java | 9 +-- .../pkix/jcajce/RevocationUtilities.java | 15 ++-- .../pkix/util/LocalizedMessage.java | 8 +- .../bouncycastle/test/est/ESTServerUtils.java | 3 +- .../jsse/provider/NamedGroupInfo.java | 25 +++--- .../bouncycastle/tls/AbstractTlsServer.java | 1 + .../org/bouncycastle/tls/Certificate.java | 1 + .../org/bouncycastle/tls/ClientHello.java | 1 + .../java/org/bouncycastle/tls/NamedGroup.java | 3 + .../org/bouncycastle/tls/RecordPreview.java | 1 + .../bouncycastle/tls/SecurityParameters.java | 2 + .../org/bouncycastle/tls/SignatureScheme.java | 1 + .../bouncycastle/tls/TlsExtensionsUtils.java | 2 + .../java/org/bouncycastle/tls/TlsPeer.java | 1 + .../org/bouncycastle/tls/TlsProtocol.java | 1 + .../java/org/bouncycastle/tls/TlsUtils.java | 5 ++ .../tls/crypto/impl/TlsAEADCipher.java | 3 +- .../crypto/impl/jcajce/JcaTlsRSASigner.java | 1 + .../asn1/eac/CertificateHolderReference.java | 35 +++----- 60 files changed, 203 insertions(+), 153 deletions(-) diff --git a/core/src/main/java/org/bouncycastle/asn1/BERBitStringParser.java b/core/src/main/java/org/bouncycastle/asn1/BERBitStringParser.java index 9b2cfaffc2..c9c1855647 100644 --- a/core/src/main/java/org/bouncycastle/asn1/BERBitStringParser.java +++ b/core/src/main/java/org/bouncycastle/asn1/BERBitStringParser.java @@ -10,6 +10,7 @@ * * @deprecated Check for 'ASN1BitStringParser' instead */ +@Deprecated public class BERBitStringParser implements ASN1BitStringParser { diff --git a/core/src/main/java/org/bouncycastle/asn1/BEROctetStringParser.java b/core/src/main/java/org/bouncycastle/asn1/BEROctetStringParser.java index bce7f0189c..c42a46aa42 100644 --- a/core/src/main/java/org/bouncycastle/asn1/BEROctetStringParser.java +++ b/core/src/main/java/org/bouncycastle/asn1/BEROctetStringParser.java @@ -10,6 +10,7 @@ * * @deprecated Check for 'ASN1OctetStringParser' instead */ +@Deprecated public class BEROctetStringParser implements ASN1OctetStringParser { diff --git a/core/src/main/java/org/bouncycastle/asn1/BERSequenceParser.java b/core/src/main/java/org/bouncycastle/asn1/BERSequenceParser.java index c53b0014ed..7f14a80703 100644 --- a/core/src/main/java/org/bouncycastle/asn1/BERSequenceParser.java +++ b/core/src/main/java/org/bouncycastle/asn1/BERSequenceParser.java @@ -7,6 +7,7 @@ * * @deprecated Check for 'ASN1SequenceParser' instead */ +@Deprecated public class BERSequenceParser implements ASN1SequenceParser { diff --git a/core/src/main/java/org/bouncycastle/asn1/BERSetParser.java b/core/src/main/java/org/bouncycastle/asn1/BERSetParser.java index cc369dfcb9..8cb392fd9e 100644 --- a/core/src/main/java/org/bouncycastle/asn1/BERSetParser.java +++ b/core/src/main/java/org/bouncycastle/asn1/BERSetParser.java @@ -7,6 +7,7 @@ * * @deprecated Check for 'ASN1SetParser' instead */ +@Deprecated public class BERSetParser implements ASN1SetParser { diff --git a/core/src/main/java/org/bouncycastle/asn1/DERExternal.java b/core/src/main/java/org/bouncycastle/asn1/DERExternal.java index fced6d2bac..a075b20aee 100644 --- a/core/src/main/java/org/bouncycastle/asn1/DERExternal.java +++ b/core/src/main/java/org/bouncycastle/asn1/DERExternal.java @@ -20,6 +20,7 @@ public class DERExternal * * @deprecated Use {@link DERExternal#DERExternal(DERSequence)} instead. */ + @Deprecated public DERExternal(ASN1EncodableVector vector) { this(DERFactory.createSequence(vector)); diff --git a/core/src/main/java/org/bouncycastle/asn1/DEROctetStringParser.java b/core/src/main/java/org/bouncycastle/asn1/DEROctetStringParser.java index 33e1bca3da..7c537e5e0a 100644 --- a/core/src/main/java/org/bouncycastle/asn1/DEROctetStringParser.java +++ b/core/src/main/java/org/bouncycastle/asn1/DEROctetStringParser.java @@ -8,6 +8,7 @@ * * @deprecated Check for 'ASN1OctetStringParser' instead */ +@Deprecated public class DEROctetStringParser implements ASN1OctetStringParser { diff --git a/core/src/main/java/org/bouncycastle/asn1/DLBitStringParser.java b/core/src/main/java/org/bouncycastle/asn1/DLBitStringParser.java index ce92398ebc..c4f4984bd9 100644 --- a/core/src/main/java/org/bouncycastle/asn1/DLBitStringParser.java +++ b/core/src/main/java/org/bouncycastle/asn1/DLBitStringParser.java @@ -8,6 +8,7 @@ * * @deprecated Check for 'ASN1BitStringParser' instead */ +@Deprecated public class DLBitStringParser implements ASN1BitStringParser { diff --git a/core/src/main/java/org/bouncycastle/asn1/DLExternal.java b/core/src/main/java/org/bouncycastle/asn1/DLExternal.java index 8424fc50d0..2b7c814d2a 100644 --- a/core/src/main/java/org/bouncycastle/asn1/DLExternal.java +++ b/core/src/main/java/org/bouncycastle/asn1/DLExternal.java @@ -20,6 +20,7 @@ public class DLExternal * * @deprecated Use {@link DLExternal#DLExternal(DLSequence)} instead. */ + @Deprecated public DLExternal(ASN1EncodableVector vector) { this(DLFactory.createSequence(vector)); diff --git a/core/src/main/java/org/bouncycastle/asn1/DLSequenceParser.java b/core/src/main/java/org/bouncycastle/asn1/DLSequenceParser.java index 83d1a2c047..a5da9346e3 100644 --- a/core/src/main/java/org/bouncycastle/asn1/DLSequenceParser.java +++ b/core/src/main/java/org/bouncycastle/asn1/DLSequenceParser.java @@ -7,6 +7,7 @@ * * @deprecated Check for 'ASN1SequenceParser' instead */ +@Deprecated public class DLSequenceParser implements ASN1SequenceParser { diff --git a/core/src/main/java/org/bouncycastle/asn1/DLSetParser.java b/core/src/main/java/org/bouncycastle/asn1/DLSetParser.java index 4809f70194..f47357727b 100644 --- a/core/src/main/java/org/bouncycastle/asn1/DLSetParser.java +++ b/core/src/main/java/org/bouncycastle/asn1/DLSetParser.java @@ -7,6 +7,7 @@ * * @deprecated Check for 'ASN1SetParser' instead */ +@Deprecated public class DLSetParser implements ASN1SetParser { diff --git a/core/src/main/java/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java b/core/src/main/java/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java index ab1d5d25ba..916356a643 100644 --- a/core/src/main/java/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java +++ b/core/src/main/java/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java @@ -195,6 +195,7 @@ public interface PKCSObjectIdentifiers /** PKCS#9: 1.2.840.113549.1.9.22.1 * @deprecated use x509Certificate instead */ + @Deprecated ASN1ObjectIdentifier x509certType = pkcs_9.branch("22.1"); /** PKCS#9: 1.2.840.113549.1.9.22 */ @@ -246,6 +247,7 @@ public interface PKCSObjectIdentifiers /** S/MIME: Algorithm Identifiers ; 1.2.840.113549.1.9.16.3 */ ASN1ObjectIdentifier smime_alg = id_smime.branch("3"); /** @deprecated use smime_alg instead */ + @Deprecated ASN1ObjectIdentifier id_alg = id_smime.branch("3"); /** PKCS#9: 1.2.840.113549.1.9.16.3.5 */ @@ -417,12 +419,16 @@ public interface PKCSObjectIdentifiers ASN1ObjectIdentifier id_aa_communityIdentifiers = id_aa.branch("40"); /** @deprecated use id_aa_ets_sigPolicyId instead */ + @Deprecated ASN1ObjectIdentifier id_aa_sigPolicyId = id_aa_ets_sigPolicyId; /** @deprecated use id_aa_ets_commitmentType instead */ + @Deprecated ASN1ObjectIdentifier id_aa_commitmentType = id_aa_ets_commitmentType; /** @deprecated use id_aa_ets_signerLocation instead */ + @Deprecated ASN1ObjectIdentifier id_aa_signerLocation = id_aa_ets_signerLocation; /** @deprecated use id_aa_ets_otherSigCert instead */ + @Deprecated ASN1ObjectIdentifier id_aa_otherSigCert = id_aa_ets_otherSigCert; /** @@ -431,6 +437,7 @@ public interface PKCSObjectIdentifiers * 1.2.840.113549.1.9.16.5 * @deprecated use id_spq_oid instead */ + @Deprecated final String id_spq = "1.2.840.113549.1.9.16.5"; ASN1ObjectIdentifier id_spq_oid = id_smime.branch("5"); @@ -481,6 +488,7 @@ public interface PKCSObjectIdentifiers * PKCS#12: 1.2.840.113549.1.12.1.6 * @deprecated use pbeWithSHAAnd40BitRC2_CBC */ + @Deprecated ASN1ObjectIdentifier pbewithSHAAnd40BitRC2_CBC = pkcs_12PbeIds.branch("6"); } diff --git a/core/src/main/java/org/bouncycastle/asn1/x509/SubjectPublicKeyInfo.java b/core/src/main/java/org/bouncycastle/asn1/x509/SubjectPublicKeyInfo.java index 2e8dad1a60..a8b51780a9 100644 --- a/core/src/main/java/org/bouncycastle/asn1/x509/SubjectPublicKeyInfo.java +++ b/core/src/main/java/org/bouncycastle/asn1/x509/SubjectPublicKeyInfo.java @@ -74,6 +74,7 @@ public SubjectPublicKeyInfo( /** @deprecated use SubjectPublicKeyInfo.getInstance() */ + @Deprecated public SubjectPublicKeyInfo( ASN1Sequence seq) { @@ -98,6 +99,7 @@ public AlgorithmIdentifier getAlgorithm() * @deprecated use getAlgorithm() * @return alg ID. */ + @Deprecated public AlgorithmIdentifier getAlgorithmId() { return algId; @@ -126,6 +128,7 @@ public ASN1Primitive parsePublicKey() * @deprecated use parsePublicKey * @return the public key as an ASN.1 primitive. */ + @Deprecated public ASN1Primitive getPublicKey() throws IOException { diff --git a/core/src/main/java/org/bouncycastle/crypto/AsymmetricCipherKeyPair.java b/core/src/main/java/org/bouncycastle/crypto/AsymmetricCipherKeyPair.java index ddee701914..b129ed57db 100644 --- a/core/src/main/java/org/bouncycastle/crypto/AsymmetricCipherKeyPair.java +++ b/core/src/main/java/org/bouncycastle/crypto/AsymmetricCipherKeyPair.java @@ -31,6 +31,7 @@ public AsymmetricCipherKeyPair( * @param privateParam the corresponding private key parameters. * @deprecated use AsymmetricKeyParameter */ + @Deprecated public AsymmetricCipherKeyPair( CipherParameters publicParam, CipherParameters privateParam) diff --git a/core/src/main/java/org/bouncycastle/crypto/engines/AESEngine.java b/core/src/main/java/org/bouncycastle/crypto/engines/AESEngine.java index ac2eb9aa6a..9e200318f4 100644 --- a/core/src/main/java/org/bouncycastle/crypto/engines/AESEngine.java +++ b/core/src/main/java/org/bouncycastle/crypto/engines/AESEngine.java @@ -435,6 +435,7 @@ public static MultiBlockCipher newInstance() * default constructor - 128 bit block size. * @deprecated use AESEngine.newInstance() */ + @Deprecated public AESEngine() { CryptoServicesRegistrar.checkConstraints(new DefaultServiceProperties(getAlgorithmName(), 256)); diff --git a/core/src/main/java/org/bouncycastle/crypto/engines/RSABlindedEngine.java b/core/src/main/java/org/bouncycastle/crypto/engines/RSABlindedEngine.java index 4ce1fccedd..36103654a1 100644 --- a/core/src/main/java/org/bouncycastle/crypto/engines/RSABlindedEngine.java +++ b/core/src/main/java/org/bouncycastle/crypto/engines/RSABlindedEngine.java @@ -28,7 +28,7 @@ public class RSABlindedEngine * initialise the RSA engine. * * @param forEncryption true if we are encrypting, false otherwise. - * @param param the necessary RSA key parameters. + * @param parameters the necessary RSA key parameters. */ public void init(boolean forEncryption, CipherParameters parameters) { diff --git a/core/src/main/java/org/bouncycastle/crypto/modes/SICBlockCipher.java b/core/src/main/java/org/bouncycastle/crypto/modes/SICBlockCipher.java index 95f386b9a5..f9a606a2b3 100644 --- a/core/src/main/java/org/bouncycastle/crypto/modes/SICBlockCipher.java +++ b/core/src/main/java/org/bouncycastle/crypto/modes/SICBlockCipher.java @@ -41,6 +41,7 @@ public static CTRModeCipher newInstance(BlockCipher cipher) * @param c the block cipher to be used. * @deprecated use newInstance() method. */ + @Deprecated public SICBlockCipher(BlockCipher c) { super(c); diff --git a/core/src/main/java/org/bouncycastle/crypto/params/SAKKEPublicKeyParameters.java b/core/src/main/java/org/bouncycastle/crypto/params/SAKKEPublicKeyParameters.java index 5dc57b95d1..1796346dd1 100644 --- a/core/src/main/java/org/bouncycastle/crypto/params/SAKKEPublicKeyParameters.java +++ b/core/src/main/java/org/bouncycastle/crypto/params/SAKKEPublicKeyParameters.java @@ -191,7 +191,7 @@ public Digest getDigest() } /** - * @return The pairing result g = (RFC 6508, Section 3.2) + * @return The pairing result {@code g = } (RFC 6508, Section 3.2) */ public BigInteger getG() { diff --git a/core/src/main/java/org/bouncycastle/math/ec/ECCurve.java b/core/src/main/java/org/bouncycastle/math/ec/ECCurve.java index de75cb24ff..378cf46277 100644 --- a/core/src/main/java/org/bouncycastle/math/ec/ECCurve.java +++ b/core/src/main/java/org/bouncycastle/math/ec/ECCurve.java @@ -691,6 +691,7 @@ public static class Fp extends AbstractFp /** * @deprecated use constructor taking order/cofactor */ + @Deprecated public Fp(BigInteger q, BigInteger a, BigInteger b) { this(q, a, b, null, null); @@ -1153,6 +1154,7 @@ public static class F2m extends AbstractF2m * F2m. * @deprecated use constructor taking order/cofactor */ + @Deprecated public F2m( int m, int k, @@ -1211,6 +1213,7 @@ public F2m( * F2m. * @deprecated use constructor taking order/cofactor */ + @Deprecated public F2m( int m, int k1, diff --git a/core/src/main/java/org/bouncycastle/pqc/asn1/CMCEPublicKey.java b/core/src/main/java/org/bouncycastle/pqc/asn1/CMCEPublicKey.java index e09a5d17da..1600da6e34 100644 --- a/core/src/main/java/org/bouncycastle/pqc/asn1/CMCEPublicKey.java +++ b/core/src/main/java/org/bouncycastle/pqc/asn1/CMCEPublicKey.java @@ -34,6 +34,7 @@ public CMCEPublicKey(byte[] t) /** * @deprecated use getInstance() */ + @Deprecated public CMCEPublicKey(ASN1Sequence seq) { T = Arrays.clone(ASN1OctetString.getInstance(seq.getObjectAt(0)).getOctets()); diff --git a/core/src/main/java/org/bouncycastle/pqc/asn1/FalconPublicKey.java b/core/src/main/java/org/bouncycastle/pqc/asn1/FalconPublicKey.java index d5dc89dccb..1e7a84a09b 100644 --- a/core/src/main/java/org/bouncycastle/pqc/asn1/FalconPublicKey.java +++ b/core/src/main/java/org/bouncycastle/pqc/asn1/FalconPublicKey.java @@ -32,6 +32,7 @@ public byte[] getH() /** * @deprecated use getInstance() */ + @Deprecated public FalconPublicKey(ASN1Sequence seq) { h = Arrays.clone(ASN1OctetString.getInstance(seq.getObjectAt(0)).getOctets()); diff --git a/core/src/main/java/org/bouncycastle/pqc/asn1/KyberPublicKey.java b/core/src/main/java/org/bouncycastle/pqc/asn1/KyberPublicKey.java index a498e7857b..e020605f63 100644 --- a/core/src/main/java/org/bouncycastle/pqc/asn1/KyberPublicKey.java +++ b/core/src/main/java/org/bouncycastle/pqc/asn1/KyberPublicKey.java @@ -36,6 +36,7 @@ public KyberPublicKey(byte[] t, byte[] rho) /** * @deprecated use getInstance() */ + @Deprecated public KyberPublicKey(ASN1Sequence seq) { t = Arrays.clone(ASN1OctetString.getInstance(seq.getObjectAt(0)).getOctets()); diff --git a/core/src/main/java/org/bouncycastle/pqc/asn1/PQCObjectIdentifiers.java b/core/src/main/java/org/bouncycastle/pqc/asn1/PQCObjectIdentifiers.java index e88bb0898d..cb05d3b804 100644 --- a/core/src/main/java/org/bouncycastle/pqc/asn1/PQCObjectIdentifiers.java +++ b/core/src/main/java/org/bouncycastle/pqc/asn1/PQCObjectIdentifiers.java @@ -86,35 +86,43 @@ public interface PQCObjectIdentifiers /** * @deprecated use xmss_SHA256ph */ + @Deprecated final ASN1ObjectIdentifier xmss_with_SHA256 = xmss_SHA256ph; /** * @deprecated use xmss_SHA512ph */ + @Deprecated final ASN1ObjectIdentifier xmss_with_SHA512 = xmss_SHA512ph; /** * @deprecated use xmss_SHAKE128ph */ + @Deprecated final ASN1ObjectIdentifier xmss_with_SHAKE128 = xmss_SHAKE128ph; /** * @deprecated use xmss_SHAKE256ph */ + @Deprecated final ASN1ObjectIdentifier xmss_with_SHAKE256 = xmss_SHAKE256ph; /** * @deprecated use xmss_mt_SHA256ph */ + @Deprecated final ASN1ObjectIdentifier xmss_mt_with_SHA256 = xmss_mt_SHA256ph; /** * @deprecated use xmss_mt_SHA512ph */ + @Deprecated final ASN1ObjectIdentifier xmss_mt_with_SHA512 = xmss_mt_SHA512ph; /** * @deprecated use xmss_mt_SHAKE128ph */ + @Deprecated final ASN1ObjectIdentifier xmss_mt_with_SHAKE128 = xmss_mt_SHAKE128ph; /** * @deprecated use xmss_mt_SHAKE256ph */ + @Deprecated final ASN1ObjectIdentifier xmss_mt_with_SHAKE256 = xmss_mt_SHAKE256ph; /** diff --git a/core/src/main/java/org/bouncycastle/pqc/asn1/SPHINCSPLUSPrivateKey.java b/core/src/main/java/org/bouncycastle/pqc/asn1/SPHINCSPLUSPrivateKey.java index 3f86bbe1c3..1de44f891b 100644 --- a/core/src/main/java/org/bouncycastle/pqc/asn1/SPHINCSPLUSPrivateKey.java +++ b/core/src/main/java/org/bouncycastle/pqc/asn1/SPHINCSPLUSPrivateKey.java @@ -68,6 +68,7 @@ public SPHINCSPLUSPrivateKey(int version, byte[] skseed, byte[] skprf, SPHINCSPL /** * @deprecated use getInstance() */ + @Deprecated public SPHINCSPLUSPrivateKey(ASN1Sequence seq) { version = ASN1Integer.getInstance(seq.getObjectAt(0)).intValueExact(); diff --git a/core/src/main/java/org/bouncycastle/pqc/asn1/SPHINCSPLUSPublicKey.java b/core/src/main/java/org/bouncycastle/pqc/asn1/SPHINCSPLUSPublicKey.java index d0514d6ffc..0ff3410bb4 100644 --- a/core/src/main/java/org/bouncycastle/pqc/asn1/SPHINCSPLUSPublicKey.java +++ b/core/src/main/java/org/bouncycastle/pqc/asn1/SPHINCSPLUSPublicKey.java @@ -29,6 +29,7 @@ public SPHINCSPLUSPublicKey(byte[] pkseed, byte[] pkroot) /** * @deprecated use getInstance() */ + @Deprecated public SPHINCSPLUSPublicKey(ASN1Sequence seq) { pkseed = Arrays.clone(ASN1OctetString.getInstance(seq.getObjectAt(0)).getOctets()); diff --git a/core/src/main/java/org/bouncycastle/pqc/crypto/crystals/dilithium/DilithiumParameters.java b/core/src/main/java/org/bouncycastle/pqc/crypto/crystals/dilithium/DilithiumParameters.java index b64cc82ab5..97843ecac0 100644 --- a/core/src/main/java/org/bouncycastle/pqc/crypto/crystals/dilithium/DilithiumParameters.java +++ b/core/src/main/java/org/bouncycastle/pqc/crypto/crystals/dilithium/DilithiumParameters.java @@ -15,6 +15,7 @@ public class DilithiumParameters * @deprecated * obsolete to be removed */ + @Deprecated private final boolean usingAES;// or shake private DilithiumParameters(String name, int k, boolean usingAES) diff --git a/core/src/main/java/org/bouncycastle/pqc/crypto/crystals/dilithium/DilithiumPrivateKeyParameters.java b/core/src/main/java/org/bouncycastle/pqc/crypto/crystals/dilithium/DilithiumPrivateKeyParameters.java index 4193d654b8..8ecc27ced8 100644 --- a/core/src/main/java/org/bouncycastle/pqc/crypto/crystals/dilithium/DilithiumPrivateKeyParameters.java +++ b/core/src/main/java/org/bouncycastle/pqc/crypto/crystals/dilithium/DilithiumPrivateKeyParameters.java @@ -63,6 +63,7 @@ public byte[] getK() } /** @deprecated Use {@link #getEncoded()} instead. */ + @Deprecated public byte[] getPrivateKey() { return getEncoded(); diff --git a/core/src/main/java/org/bouncycastle/pqc/crypto/mldsa/MLDSAPrivateKeyParameters.java b/core/src/main/java/org/bouncycastle/pqc/crypto/mldsa/MLDSAPrivateKeyParameters.java index 03f56b6abd..be2449a59e 100644 --- a/core/src/main/java/org/bouncycastle/pqc/crypto/mldsa/MLDSAPrivateKeyParameters.java +++ b/core/src/main/java/org/bouncycastle/pqc/crypto/mldsa/MLDSAPrivateKeyParameters.java @@ -138,6 +138,7 @@ public byte[] getK() /** * @deprecated Use {@link #getEncoded()} instead. */ + @Deprecated public byte[] getPrivateKey() { return getEncoded(); diff --git a/core/src/main/java/org/bouncycastle/pqc/crypto/sphincsplus/SPHINCSPlusParameters.java b/core/src/main/java/org/bouncycastle/pqc/crypto/sphincsplus/SPHINCSPlusParameters.java index 35204ee8f1..c7cd880575 100644 --- a/core/src/main/java/org/bouncycastle/pqc/crypto/sphincsplus/SPHINCSPlusParameters.java +++ b/core/src/main/java/org/bouncycastle/pqc/crypto/sphincsplus/SPHINCSPlusParameters.java @@ -193,6 +193,7 @@ public static SPHINCSPlusParameters getParams(Integer id) * @return the OID for the parameter set. * @deprecated Use {@link #getID()} instead */ + @Deprecated public static Integer getID(SPHINCSPlusParameters params) { return params.getID(); diff --git a/core/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSMTPrivateKeyParameters.java b/core/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSMTPrivateKeyParameters.java index 3cdee493ab..9dcde26aa1 100644 --- a/core/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSMTPrivateKeyParameters.java +++ b/core/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSMTPrivateKeyParameters.java @@ -262,6 +262,7 @@ public XMSSMTPrivateKeyParameters build() /** * @deprecated use getEncoded() - this method will become private. */ + @Deprecated public byte[] toByteArray() { synchronized (this) diff --git a/core/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSMTPublicKeyParameters.java b/core/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSMTPublicKeyParameters.java index 9b1e3d2e5d..bb43419e09 100644 --- a/core/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSMTPublicKeyParameters.java +++ b/core/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSMTPublicKeyParameters.java @@ -144,6 +144,7 @@ public XMSSMTPublicKeyParameters build() /** * @deprecated use getEncoded() - this method will become private. */ + @Deprecated public byte[] toByteArray() { /* oid || root || seed */ diff --git a/core/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSPrivateKeyParameters.java b/core/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSPrivateKeyParameters.java index beea21ef47..ad8ba6d195 100644 --- a/core/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSPrivateKeyParameters.java +++ b/core/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSPrivateKeyParameters.java @@ -350,6 +350,7 @@ public XMSSPrivateKeyParameters build() /** * @deprecated use getEncoded() - this method will become private. */ + @Deprecated public byte[] toByteArray() { synchronized (this) diff --git a/core/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSPublicKeyParameters.java b/core/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSPublicKeyParameters.java index be24df58d9..cb89612fd5 100644 --- a/core/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSPublicKeyParameters.java +++ b/core/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSPublicKeyParameters.java @@ -149,6 +149,7 @@ public XMSSPublicKeyParameters build() /** * @deprecated use getEncoded() - this method will become private. */ + @Deprecated public byte[] toByteArray() { /* oid || root || seed */ diff --git a/core/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSStoreableObjectInterface.java b/core/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSStoreableObjectInterface.java index 1df76eca4a..f7c5fee430 100644 --- a/core/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSStoreableObjectInterface.java +++ b/core/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSStoreableObjectInterface.java @@ -5,6 +5,7 @@ * * @deprecated use Encodable */ +@Deprecated public interface XMSSStoreableObjectInterface { @@ -13,5 +14,5 @@ public interface XMSSStoreableObjectInterface * * @return Byte representation of object. */ - public byte[] toByteArray(); + byte[] toByteArray(); } diff --git a/core/src/main/java/org/bouncycastle/pqc/legacy/math/linearalgebra/ByteUtils.java b/core/src/main/java/org/bouncycastle/pqc/legacy/math/linearalgebra/ByteUtils.java index 26eeaa69fd..60dc77e1af 100644 --- a/core/src/main/java/org/bouncycastle/pqc/legacy/math/linearalgebra/ByteUtils.java +++ b/core/src/main/java/org/bouncycastle/pqc/legacy/math/linearalgebra/ByteUtils.java @@ -7,6 +7,7 @@ * * @deprecated use org.bouncycastle.util.Arrays. */ +@Deprecated public final class ByteUtils { diff --git a/core/src/main/java/org/bouncycastle/pqc/legacy/math/linearalgebra/IntegerFunctions.java b/core/src/main/java/org/bouncycastle/pqc/legacy/math/linearalgebra/IntegerFunctions.java index 8e44d10523..c2d032dd87 100644 --- a/core/src/main/java/org/bouncycastle/pqc/legacy/math/linearalgebra/IntegerFunctions.java +++ b/core/src/main/java/org/bouncycastle/pqc/legacy/math/linearalgebra/IntegerFunctions.java @@ -1061,6 +1061,7 @@ public static float floatPow(float f, int i) * @return log_2(x) * @deprecated use MathFunctions.log(double) instead */ + @Deprecated public static double log(double x) { if (x > 0 && x < 1) @@ -1092,6 +1093,7 @@ public static double log(double x) * @return log_2(x) * @deprecated use MathFunctions.log(long) instead */ + @Deprecated public static double log(long x) { int tmp = floorLog(BigInteger.valueOf(x)); @@ -1108,9 +1110,10 @@ public static double log(long x) * @return log_2(arg) * @deprecated use MathFunctions.logBKM(double) instead */ + @Deprecated private static double logBKM(double arg) { - double ae[] = // A_e[k] = log_2 (1 + 0.5^k) + double[] ae = // A_e[k] = log_2 (1 + 0.5^k) { 1.0000000000000000000000000000000000000000000000000000000000000000000000000000, 0.5849625007211561814537389439478165087598144076924810604557526545410982276485, diff --git a/core/src/main/java/org/bouncycastle/util/Fingerprint.java b/core/src/main/java/org/bouncycastle/util/Fingerprint.java index 7027d4948c..aff0427f65 100644 --- a/core/src/main/java/org/bouncycastle/util/Fingerprint.java +++ b/core/src/main/java/org/bouncycastle/util/Fingerprint.java @@ -45,6 +45,7 @@ public Fingerprint(byte[] source, int bitLength) * @param useSHA512t use the old SHA512/160 calculation. * @deprecated use the SHAKE only version. */ + @Deprecated public Fingerprint(byte[] source, boolean useSHA512t) { if (useSHA512t) @@ -143,6 +144,7 @@ public static byte[] calculateFingerprint(byte[] input, int bitLength) * @return a byte array containing a 20 byte fingerprint. * @deprecated use the SHAKE based version. */ + @Deprecated public static byte[] calculateFingerprintSHA512_160(byte[] input) { SHA512tDigest digest = new SHA512tDigest(160); diff --git a/core/src/main/java/org/bouncycastle/util/Pack.java b/core/src/main/java/org/bouncycastle/util/Pack.java index d3a360975f..79d7ec9dba 100644 --- a/core/src/main/java/org/bouncycastle/util/Pack.java +++ b/core/src/main/java/org/bouncycastle/util/Pack.java @@ -159,6 +159,7 @@ public static void longToBigEndian(long[] ns, int nsOff, int nsLen, byte[] bs, i * @param bytes number of bytes to write. * @deprecated Will be removed */ + @Deprecated public static void longToBigEndian(long value, byte[] bs, int off, int bytes) { for (int i = bytes - 1; i >= 0; i--) diff --git a/mail/src/main/java/org/bouncycastle/mail/smime/validator/SignedMailValidator.java b/mail/src/main/java/org/bouncycastle/mail/smime/validator/SignedMailValidator.java index a6c99488de..b3c82ae128 100644 --- a/mail/src/main/java/org/bouncycastle/mail/smime/validator/SignedMailValidator.java +++ b/mail/src/main/java/org/bouncycastle/mail/smime/validator/SignedMailValidator.java @@ -360,12 +360,7 @@ protected void validateSignatures(PKIXParameters pkixParam) { review = (PKIXCertPathReviewer)certPathReviewerClass.newInstance(); } - catch (IllegalAccessException e) - { - throw new IllegalArgumentException("Cannot instantiate object of type " + - certPathReviewerClass.getName() + ": " + e.getMessage()); - } - catch (InstantiationException e) + catch (IllegalAccessException | InstantiationException e) { throw new IllegalArgumentException("Cannot instantiate object of type " + certPathReviewerClass.getName() + ": " + e.getMessage()); @@ -418,15 +413,15 @@ public static Set getEmailAddresses(X509Certificate cert) TBSCertificate tbsCertificate = getTBSCert(cert); RDN[] rdns = tbsCertificate.getSubject().getRDNs(PKCSObjectIdentifiers.pkcs_9_at_emailAddress); - for (int i = 0; i < rdns.length; i++) + for (RDN rdn : rdns) { - AttributeTypeAndValue[] atVs = rdns[i].getTypesAndValues(); + AttributeTypeAndValue[] atVs = rdn.getTypesAndValues(); for (int j = 0; j != atVs.length; j++) { if (atVs[j].getType().equals(PKCSObjectIdentifiers.pkcs_9_at_emailAddress)) { - String email = ((ASN1String)atVs[j].getValue()).getString().toLowerCase(); + String email = ((ASN1String) atVs[j].getValue()).getString().toLowerCase(); addresses.add(email); } } @@ -456,10 +451,12 @@ public static Set getEmailAddresses(X509Certificate cert) private static ASN1Primitive getObject(byte[] ext) throws IOException { - ASN1InputStream aIn = new ASN1InputStream(ext); - ASN1OctetString octs = ASN1OctetString.getInstance(aIn.readObject()); + try (ASN1InputStream aIn = new ASN1InputStream(ext)) + { + ASN1OctetString octs = ASN1OctetString.getInstance(aIn.readObject()); - return ASN1Primitive.fromByteArray(octs.getOctets()); + return ASN1Primitive.fromByteArray(octs.getOctets()); + } } protected void checkSignerCert(X509Certificate cert, List errors, @@ -547,9 +544,9 @@ else if (key instanceof DSAPublicKey) // check if email in cert is equal to the from address in the // message boolean equalsFrom = false; - for (int i = 0; i < fromAddresses.length; i++) + for (String fromAddress : fromAddresses) { - if (certEmails.contains(fromAddresses[i].toLowerCase())) + if (certEmails.contains(fromAddress.toLowerCase())) { equalsFrom = true; break; @@ -621,16 +618,15 @@ private static List findCerts(List certStores, X509CertSelector selector) throws CertStoreException { List result = new ArrayList(); - Iterator it = certStores.iterator(); - while (it.hasNext()) + for (Object certStore : certStores) { - CertStore store = (CertStore)it.next(); + CertStore store = (CertStore) certStore; Collection coll = store.getCertificates(selector); // sometimes the subjectKeyIdentifier in a TA certificate, even when the authorityKeyIdentifier is set. // where this happens we role back to a simpler match to make sure we've got all the possibilities. if (coll.isEmpty() && selector.getSubjectKeyIdentifier() != null) { - X509CertSelector certSelector = (X509CertSelector)selector.clone(); + X509CertSelector certSelector = (X509CertSelector) selector.clone(); certSelector.setSubjectKeyIdentifier(null); coll = store.getCertificates(certSelector); } diff --git a/mls/src/main/java/org/bouncycastle/mls/client/MLSClientImpl.java b/mls/src/main/java/org/bouncycastle/mls/client/MLSClientImpl.java index 201e34a78d..541aedffb9 100644 --- a/mls/src/main/java/org/bouncycastle/mls/client/MLSClientImpl.java +++ b/mls/src/main/java/org/bouncycastle/mls/client/MLSClientImpl.java @@ -47,7 +47,7 @@ public class MLSClientImpl extends MLSClientGrpc.MLSClientImplBase { - class CachedGroup + static class CachedGroup { Group group; boolean encryptHandshake; @@ -70,7 +70,7 @@ public void resetPending() } } - class CachedJoin + static class CachedJoin { KeyPackageWithSecrets kpSecrets; Map externalPsks; @@ -78,11 +78,11 @@ class CachedJoin public CachedJoin(KeyPackageWithSecrets kpSecrets) { this.kpSecrets = kpSecrets; - this.externalPsks = new HashMap(); + this.externalPsks = new HashMap<>(); } } - class CachedReinit + static class CachedReinit { KeyPackageWithSecrets kpSk; Group.Tombstone tombstone; @@ -96,10 +96,10 @@ public CachedReinit(KeyPackageWithSecrets kpSk, Group.Tombstone tombstone, boole } } - Map groupCache = new HashMap(); - Map joinCache = new HashMap(); - Map reinitCache = new HashMap(); - Map signerCache = new HashMap(); + Map groupCache = new HashMap<>(); + Map joinCache = new HashMap<>(); + Map reinitCache = new HashMap<>(); + Map signerCache = new HashMap<>(); @FunctionalInterface @@ -255,7 +255,7 @@ private KeyPackageWithSecrets newKeyPackage(MlsCipherSuite suite, byte[] identit cred, new Capabilities(), new LifeTime(), - new ArrayList(), + new ArrayList<>(), suite.serializeSignaturePrivateKey(sigKeyPair.getPrivate()) ); @@ -263,7 +263,7 @@ private KeyPackageWithSecrets newKeyPackage(MlsCipherSuite suite, byte[] identit suite, suite.getHPKE().serializePublicKey(initKeyPair.getPublic()), leafNode, - new ArrayList(), + new ArrayList<>(), suite.serializeSignaturePrivateKey(sigKeyPair.getPrivate()) ); return new KeyPackageWithSecrets(initKeyPair, encryptionKeyPair, sigKeyPair, kp); @@ -320,7 +320,7 @@ private Proposal proposalFromDescription(MlsCipherSuite suite, byte[] groupID, T case "groupContextExtensions": case "reinit": - List extList = new ArrayList(); + List extList = new ArrayList<>(); for (int i = 0; i < desc.getExtensionsCount(); i++) { Extension ext = new Extension(desc.getExtensions(i).getExtensionType(), desc.getExtensions(i).getExtensionData().toByteArray()); @@ -446,7 +446,7 @@ public void createGroupImpl(MlsClient.CreateGroupRequest request, StreamObserver cred, new Capabilities(), new LifeTime(), - new ArrayList(), + new ArrayList<>(), suite.serializeSignaturePrivateKey(sigKeyPair.getPrivate()) ); Group group = new Group( @@ -455,7 +455,7 @@ public void createGroupImpl(MlsClient.CreateGroupRequest request, StreamObserver leafKeyPair, suite.serializeSignaturePrivateKey(sigKeyPair.getPrivate()), leafNode.copy(leafNode.getEncryptionKey()), - new ArrayList() + new ArrayList<>() ); int stateId = storeGroup(group, request.getEncryptHandshake()); @@ -556,7 +556,7 @@ private void joinGroupImpl(MlsClient.JoinGroupRequest request, StreamObserver() + new HashMap<>() ); byte[] epochAuthenticator = group.getEpochAuthenticator(); int stateID = storeGroup(group, request.getEncryptHandshake()); @@ -609,7 +609,7 @@ private void externalJoinImpl(MlsClient.ExternalJoinRequest request, StreamObser cred, new Capabilities(), new LifeTime(), - new ArrayList(), + new ArrayList<>(), suite.serializeSignaturePrivateKey(sigKeyPair.getPrivate()) ); @@ -617,7 +617,7 @@ private void externalJoinImpl(MlsClient.ExternalJoinRequest request, StreamObser suite, suite.getHPKE().serializePublicKey(initKeyPair.getPublic()), leafNode, - new ArrayList(), + new ArrayList<>(), suite.serializeSignaturePrivateKey(sigKeyPair.getPrivate()) ); @@ -674,7 +674,7 @@ else if (outTree == null) } } // Install PSKs - Map externalPSKs = new HashMap(); + Map externalPSKs = new HashMap<>(); for (int i = 0; i < request.getPsksCount(); i++) { MlsClient.PreSharedKey psk = request.getPsks(i); @@ -1123,7 +1123,7 @@ public void run(CachedGroup group) private void groupContextExtensionsProposalImpl(CachedGroup entry, MlsClient.GroupContextExtensionsProposalRequest request, StreamObserver responseObserver) throws Exception { - List extList = new ArrayList(); + List extList = new ArrayList<>(); for (int i = 0; i < request.getExtensionsCount(); i++) { Extension ext = new Extension(request.getExtensions(i).getExtensionType(), request.getExtensions(i).getExtensionData().toByteArray()); @@ -1173,7 +1173,7 @@ private void commitImpl(CachedGroup entry, MlsClient.CommitRequest request, Stre } // create by value proposals - List byValue = new ArrayList(); + List byValue = new ArrayList<>(); for (int i = 0; i < request.getByValueCount(); i++) { MlsClient.ProposalDescription desc = request.getByValue(i); @@ -1361,7 +1361,7 @@ private void reInitProposalImpl(CachedGroup entry, MlsClient.ReInitProposalReque ProtocolVersion version = ProtocolVersion.mls10; MlsCipherSuite suite = MlsCipherSuite.getSuite((short)request.getCipherSuite()); - List extList = new ArrayList(); + List extList = new ArrayList<>(); for (int i = 0; i < request.getExtensionsCount(); i++) { Extension ext = new Extension(request.getExtensions(i).getExtensionType(), request.getExtensions(i).getExtensionData().toByteArray()); @@ -1416,14 +1416,14 @@ private void reInitCommitImpl(CachedGroup entry, MlsClient.CommitRequest request SecureRandom random = new SecureRandom(); byte[] leafSecret = new byte[entry.group.getSuite().getKDF().getHashLength()]; random.nextBytes(leafSecret); - Group.CommitOptions commitOptions = new Group.CommitOptions(new ArrayList(), inlineTree, forcePath, null); + Group.CommitOptions commitOptions = new Group.CommitOptions(new ArrayList<>(), inlineTree, forcePath, null); Group.TombstoneWithMessage twm = entry.group.reinitCommit(leafSecret, commitOptions, entry.messageOptions); // cache the reinit LeafNode leaf = entry.group.getTree().getLeafNode(entry.group.getIndex()); byte[] identity = leaf.getCredential().getIdentity(); KeyPackageWithSecrets kpSk = newKeyPackage(twm.getSuite(), identity); - ; + int reinitID = storeReinit(kpSk, twm, entry.encryptHandshake); byte[] commitBytes = MLSOutputStream.encode(twm.getMessage()); @@ -1564,7 +1564,7 @@ private void reInitWelcomeImpl(MlsClient.ReInitWelcomeRequest request, StreamObs } // Import the KeyPackages - List keyPackages = new ArrayList(); + List keyPackages = new ArrayList<>(); for (int i = 0; i < request.getKeyPackageCount(); i++) { MLSMessage message = (MLSMessage)MLSInputStream.decode(request.getKeyPackage(i).toByteArray(), MLSMessage.class); @@ -1689,7 +1689,7 @@ private void createBranchImpl(CachedGroup entry, MlsClient.CreateBranchRequest r throws Exception { // Import KeyPackages - List keyPackages = new ArrayList(); + List keyPackages = new ArrayList<>(); for (int i = 0; i < request.getKeyPackagesCount(); i++) { MLSMessage message = (MLSMessage)MLSInputStream.decode(request.getKeyPackages(i).toByteArray(), MLSMessage.class); @@ -1697,7 +1697,7 @@ private void createBranchImpl(CachedGroup entry, MlsClient.CreateBranchRequest r } // Import extensions - List extList = new ArrayList(); + List extList = new ArrayList<>(); for (int i = 0; i < request.getExtensionsCount(); i++) { Extension ext = new Extension(request.getExtensions(i).getExtensionType(), request.getExtensions(i).getExtensionData().toByteArray()); @@ -1917,8 +1917,8 @@ private void addExternalSignerImpl(CachedGroup entry, MlsClient.AddExternalSigne { byte[] extSender = request.getExternalSender().toByteArray(); - List extList = new ArrayList(entry.group.getExtensions()); - List extSenders = new ArrayList(); + List extList = new ArrayList<>(entry.group.getExtensions()); + List extSenders = new ArrayList<>(); for (Extension ext : extList) { if (ext.extensionType == ExtensionType.EXTERNAL_SENDERS) @@ -1926,7 +1926,7 @@ private void addExternalSignerImpl(CachedGroup entry, MlsClient.AddExternalSigne extSenders = ext.getSenders(); } } - extList = new ArrayList(); + extList = new ArrayList<>(); extSenders.add((ExternalSender)MLSInputStream.decode(extSender, ExternalSender.class)); extList.add(Extension.externalSender(extSenders)); @@ -1981,7 +1981,7 @@ private void externalSignerProposalImpl(MlsClient.ExternalSignerProposalRequest byte[] sigPub = suite.serializeSignaturePublicKey(suite.deserializeSignaturePrivateKey(sigPriv).getPublic()); // Look up the signer index of this signer - List extSenders = new ArrayList(); + List extSenders = new ArrayList<>(); for (Extension ext : groupInfo.getGroupContext().getExtensions()) { if (ext.extensionType == ExtensionType.EXTERNAL_SENDERS) diff --git a/mls/src/main/java/org/bouncycastle/mls/codec/GroupContext.java b/mls/src/main/java/org/bouncycastle/mls/codec/GroupContext.java index 404ab78e24..7f260d7d08 100644 --- a/mls/src/main/java/org/bouncycastle/mls/codec/GroupContext.java +++ b/mls/src/main/java/org/bouncycastle/mls/codec/GroupContext.java @@ -41,7 +41,7 @@ public GroupContext(MlsCipherSuite ciphersuite, byte[] groupID, long epoch, byte this.epoch = epoch; this.treeHash = treeHash; this.confirmedTranscriptHash = confirmedTranscriptHash; - this.extensions = new ArrayList(extensions); + this.extensions = new ArrayList<>(extensions); } @SuppressWarnings("unused") @@ -55,7 +55,7 @@ public GroupContext(MLSInputStream stream) this.epoch = (long)stream.read(long.class); this.treeHash = stream.readOpaque(); this.confirmedTranscriptHash = stream.readOpaque(); - this.extensions = new ArrayList(); + this.extensions = new ArrayList<>(); stream.readList(extensions, Extension.class); } diff --git a/mls/src/main/java/org/bouncycastle/mls/protocol/Group.java b/mls/src/main/java/org/bouncycastle/mls/protocol/Group.java index bc24424546..e45f94b7b9 100644 --- a/mls/src/main/java/org/bouncycastle/mls/protocol/Group.java +++ b/mls/src/main/java/org/bouncycastle/mls/protocol/Group.java @@ -56,7 +56,7 @@ public class Group { - public class GroupWithMessage + public static class GroupWithMessage { public Group group; public MLSMessage message; @@ -113,7 +113,7 @@ public GroupWithMessage createWelcome(AsymmetricCipherKeyPair encSk, byte[] sigS newGroup.resumptionPSKs.put(new EpochRef(priorGroupID, priorEpoch), resumptionPsk); // Create Add proposals - List proposals = new ArrayList(); + List proposals = new ArrayList<>(); for (KeyPackage kp : keyPackages) { proposals.add(newGroup.addProposal(kp)); @@ -141,7 +141,7 @@ public GroupWithMessage createWelcome(AsymmetricCipherKeyPair encSk, byte[] sigS public Group handleWelcome(AsymmetricCipherKeyPair initSk, AsymmetricCipherKeyPair encSk, AsymmetricCipherKeyPair sigSk, KeyPackage keyPackage, MLSMessage welcome, TreeKEMPublicKey tree) throws Exception { - Map resumptionPsks = new HashMap(); + Map resumptionPsks = new HashMap<>(); resumptionPsks.put(new EpochRef(priorGroupID, priorEpoch), resumptionPsk); MlsCipherSuite suite = welcome.getCipherSuite(); @@ -152,7 +152,7 @@ public Group handleWelcome(AsymmetricCipherKeyPair initSk, AsymmetricCipherKeyPa keyPackage, welcome.welcome, tree, - new HashMap(), + new HashMap<>(), resumptionPsks ); @@ -291,7 +291,7 @@ public static class CommitOptions public CommitOptions() { - this.extraProposals = new ArrayList(); + this.extraProposals = new ArrayList<>(); this.leafNodeOptions = new LeafNodeOptions(); } @@ -312,7 +312,7 @@ public CommitOptions(List extraProposals, boolean inlineTree, boolean } } - class JoinersWithPSKS + static class JoinersWithPSKS { List joiners; List psks; @@ -324,7 +324,7 @@ public JoinersWithPSKS(List joiners, List(), + new ArrayList<>(), keySchedule.confirmationTag(transcriptHash.getConfirmed()) ); @@ -469,13 +469,13 @@ public Group(AsymmetricCipherKeyPair sigSk, GroupInfo groupInfo, TreeKEMPublicKe this.tree = TreeKEMPublicKey.clone(importTree(groupInfo.getGroupContext().getTreeHash(), tree, groupInfo.getExtensions())); this.treePriv = new TreeKEMPrivateKey(suite, new LeafIndex(0));// check this should be null this.transcriptHash = TranscriptHash.fromConfirmationTag(this.suite, groupInfo.getGroupContext().getConfirmedTranscriptHash(), groupInfo.getConfirmationTag()); - this.extensions = new ArrayList(groupInfo.getGroupContext().getExtensions()); + this.extensions = new ArrayList<>(groupInfo.getGroupContext().getExtensions()); this.keySchedule = new KeyScheduleEpoch(this.suite); this.index = new LeafIndex(0); this.identitySk = suite.serializeSignaturePrivateKey(sigSk.getPrivate()); - this.pendingProposals = new ArrayList(); - this.resumptionPSKs = new HashMap(); - this.externalPSKs = new HashMap(); + this.pendingProposals = new ArrayList<>(); + this.resumptionPSKs = new HashMap<>(); + this.externalPSKs = new HashMap<>(); this.keys = null; } @@ -496,14 +496,14 @@ public Group( this.epoch = 0; tree = new TreeKEMPublicKey(suite); this.transcriptHash = new TranscriptHash(suite); - this.extensions = new ArrayList(); + this.extensions = new ArrayList<>(); this.extensions.addAll(extensions); this.index = new LeafIndex(0); this.identitySk = sigSk.clone(); - this.pendingProposals = new ArrayList(); - this.externalPSKs = new HashMap(); - this.resumptionPSKs = new HashMap(); + this.pendingProposals = new ArrayList<>(); + this.externalPSKs = new HashMap<>(); + this.resumptionPSKs = new HashMap<>(); index = tree.addLeaf(leafNode); tree.setHashAll(); @@ -546,13 +546,13 @@ public Group( ) throws Exception { - pendingProposals = new ArrayList(); + pendingProposals = new ArrayList<>(); suite = welcome.getSuite(); epoch = 0; identitySk = sigSk; - externalPSKs = new HashMap(); + externalPSKs = new HashMap<>(); externalPSKs.putAll(externalPsks); - this.resumptionPSKs = new HashMap(); + this.resumptionPSKs = new HashMap<>(); this.resumptionPSKs.putAll(resumptionPsks); int kpi = welcome.find(keyPackage); @@ -593,7 +593,7 @@ public Group( transcriptHash = new TranscriptHash(suite, groupInfo.getGroupContext().getConfirmedTranscriptHash().clone(), null); transcriptHash.updateInterim(groupInfo.getConfirmationTag()); - extensions = new ArrayList(); + extensions = new ArrayList<>(); extensions.addAll(groupInfo.getGroupContext().getExtensions()); // Create the TreeKEMPrivateKey @@ -882,7 +882,7 @@ public GroupWithMessage createBranch(byte[] groupID, AsymmetricCipherKeyPair enc newGroup.resumptionPSKs.put(new EpochRef(this.groupID, this.epoch), this.keySchedule.resumptionPSK.value().clone()); // Create Add proposals - List proposals = new ArrayList(); + List proposals = new ArrayList<>(); for (KeyPackage kp : keyPackages) { proposals.add(newGroup.addProposal(kp)); @@ -909,7 +909,7 @@ public GroupWithMessage createBranch(byte[] groupID, AsymmetricCipherKeyPair enc public Group handleBranch(AsymmetricCipherKeyPair initSk, AsymmetricCipherKeyPair encSk, AsymmetricCipherKeyPair sigSk, KeyPackage keyPackage, MLSMessage welcome, TreeKEMPublicKey tree) throws Exception { - Map resumptionPsks = new HashMap(); + Map resumptionPsks = new HashMap<>(); resumptionPsks.put(new EpochRef(this.groupID, this.epoch), this.keySchedule.resumptionPSK.value().clone()); Group branchGroup = new Group( @@ -919,7 +919,7 @@ public Group handleBranch(AsymmetricCipherKeyPair initSk, AsymmetricCipherKeyPai keyPackage, welcome.welcome, tree, - new HashMap(), + new HashMap<>(), resumptionPsks ); @@ -1021,7 +1021,7 @@ public GroupWithMessage commit(Secret leafSecret, CommitOptions commitOptions, M throws Exception { Commit commit = new Commit(); - List joiners = new ArrayList(); + List joiners = new ArrayList<>(); for (CachedProposal cached : pendingProposals) { if (cached.proposal.getProposalType() == ProposalType.ADD) @@ -1077,7 +1077,7 @@ public GroupWithMessage commit(Secret leafSecret, CommitOptions commitOptions, M // KEM new entropy to the group and the new joiners Secret commitSecret = Secret.zero(suite); - List pathSecrets = new ArrayList(); + List pathSecrets = new ArrayList<>(); for (int i = 0; i < joinersWithpsks.joiners.size(); i++) { pathSecrets.add(null); @@ -1136,7 +1136,7 @@ public GroupWithMessage commit(Secret leafSecret, CommitOptions commitOptions, M next.transcriptHash.getConfirmed(), next.extensions ), - new ArrayList(), + new ArrayList<>(), confirmationTag ); if (commitOptions != null && commitOptions.inlineTree) @@ -1184,7 +1184,7 @@ else if (commitOptions != null && commitOptions.extraProposals.size() == 1) return new TombstoneWithMessage(gwm.group, reinit, gwm.message); } - static public MLSMessage newMemberAdd(byte[] groupID, long epoch, KeyPackage newMember, AsymmetricCipherKeyPair sigSk) + public static MLSMessage newMemberAdd(byte[] groupID, long epoch, KeyPackage newMember, AsymmetricCipherKeyPair sigSk) throws Exception { MlsCipherSuite suite = newMember.getSuite(); @@ -1686,14 +1686,14 @@ private void applyGCE(List proposals) { throw new Exception("Unsupported extensions in GroupContextExtensions"); } - extensions = new ArrayList(cached.proposal.getGroupContextExtensions().extensions); + extensions = new ArrayList<>(cached.proposal.getGroupContextExtensions().extensions); } } private List applyPSK(List proposals) throws Exception { - List pskIDs = new ArrayList(); + List pskIDs = new ArrayList<>(); for (CachedProposal cached : proposals) { if (cached.proposal.getProposalType() != ProposalType.PSK) @@ -1708,7 +1708,7 @@ private List applyPSK(List propo private List applyAdd(List proposals) { - List locations = new ArrayList(); + List locations = new ArrayList<>(); for (CachedProposal cached : proposals) { if (cached.proposal.getProposalType() != ProposalType.ADD) @@ -1743,13 +1743,13 @@ private Group successor() throws IOException { Group next = new Group(); - next.externalPSKs = new HashMap(externalPSKs); - next.resumptionPSKs = new HashMap(); + next.externalPSKs = new HashMap<>(externalPSKs); + next.resumptionPSKs = new HashMap<>(); next.resumptionPSKs.putAll(resumptionPSKs); next.epoch = epoch; next.groupID = groupID.clone(); next.transcriptHash = transcriptHash.copy(); - next.extensions = new ArrayList(); + next.extensions = new ArrayList<>(); next.extensions.addAll(extensions); next.keySchedule = keySchedule; next.tree = TreeKEMPublicKey.clone(tree); @@ -1758,7 +1758,7 @@ private Group successor() next.suite = suite; next.index = index; next.identitySk = identitySk.clone(); - next.pendingProposals = new ArrayList(); + next.pendingProposals = new ArrayList<>(); next.cachedUpdate = cachedUpdate; next.resumptionPSKs.put(new EpochRef(groupID, epoch), keySchedule.resumptionPSK.value().clone()); @@ -2129,7 +2129,7 @@ private boolean validateNormalCachedProposals(List proposals, Le // leaf. If the committer has received multiple such proposals they SHOULD // prefer any Remove received, or the most recent Update if there are no // Removes. - Set updatedOrRemoved = new HashSet(); + Set updatedOrRemoved = new HashSet<>(); boolean has_dup_update_remove = false; for (CachedProposal cached : proposals) { @@ -2157,7 +2157,7 @@ private boolean validateNormalCachedProposals(List proposals, Le // It contains multiple Add proposals that contain KeyPackages that represent // the same client according to the application (for example, identical // signature keys). - List signatureKeys = new ArrayList(); + List signatureKeys = new ArrayList<>(); boolean has_dup_signature_key = false; for (CachedProposal cached : proposals) { @@ -2192,7 +2192,7 @@ private boolean validateNormalCachedProposals(List proposals, Le // It contains multiple PreSharedKey proposals that reference the same // PreSharedKeyID. - List pskids = new ArrayList(); + List pskids = new ArrayList<>(); boolean has_dup_psk_id = false; for (CachedProposal cached : proposals) { @@ -2252,7 +2252,7 @@ private boolean validateNormalCachedProposals(List proposals, Le // uniqueness of encryption keys across the Adds and Updates in this list of // proposals. The keys have already been checked to be distinct from any keys // already in the tree. - List encKeys = new ArrayList(); + List encKeys = new ArrayList<>(); boolean has_dup_enc_key = false; for (CachedProposal cached : proposals) { @@ -2325,7 +2325,7 @@ private boolean validateExternalCachedProposals(List proposals) private List mustResolve(List proposals, LeafIndex sender) { - List out = new ArrayList(); + List out = new ArrayList<>(); for (ProposalOrRef id : proposals) { switch (id.getType()) @@ -2394,7 +2394,7 @@ else if (outTree == null) private List resolve(List psks) throws Exception { - List out = new ArrayList(); + List out = new ArrayList<>(); for (PreSharedKeyID psk : psks) { switch (psk.pskType) diff --git a/pkix/src/main/java/org/bouncycastle/pkix/jcajce/PKIXCRLUtil.java b/pkix/src/main/java/org/bouncycastle/pkix/jcajce/PKIXCRLUtil.java index 6e55b79cbd..4004002d15 100644 --- a/pkix/src/main/java/org/bouncycastle/pkix/jcajce/PKIXCRLUtil.java +++ b/pkix/src/main/java/org/bouncycastle/pkix/jcajce/PKIXCRLUtil.java @@ -7,7 +7,6 @@ import java.security.cert.X509Certificate; import java.util.Date; import java.util.HashSet; -import java.util.Iterator; import java.util.List; import java.util.Set; @@ -60,9 +59,9 @@ static Set findCRLs(PKIXCRLStoreSelector crlselect, Date validityDate, List cert Set finalSet = new HashSet(); // based on RFC 5280 6.3.3 - for (Iterator it = initialSet.iterator(); it.hasNext();) + for (Object o : initialSet) { - X509CRL crl = (X509CRL)it.next(); + X509CRL crl = (X509CRL)o; Date nextUpdate = crl.getNextUpdate(); if (nextUpdate == null || nextUpdate.after(validityDate)) @@ -95,10 +94,8 @@ private static void findCRLs(HashSet crls, PKIXCRLStoreSelector crlSelect, List AnnotatedException lastException = null; boolean foundValidStore = false; - Iterator iter = crlStores.iterator(); - while (iter.hasNext()) + for (Object obj : crlStores) { - Object obj = iter.next(); if (obj instanceof Store) { Store store = (Store)obj; diff --git a/pkix/src/main/java/org/bouncycastle/pkix/jcajce/RevocationUtilities.java b/pkix/src/main/java/org/bouncycastle/pkix/jcajce/RevocationUtilities.java index 13548619bd..fdcc551240 100644 --- a/pkix/src/main/java/org/bouncycastle/pkix/jcajce/RevocationUtilities.java +++ b/pkix/src/main/java/org/bouncycastle/pkix/jcajce/RevocationUtilities.java @@ -111,11 +111,8 @@ private static ASN1Primitive getObject(ASN1ObjectIdentifier oid, byte[] ext) thr protected static void findCertificates(LinkedHashSet certs, PKIXCertStoreSelector certSelect, List certStores) throws AnnotatedException { - Iterator iter = certStores.iterator(); - while (iter.hasNext()) + for (Object obj : certStores) { - Object obj = iter.next(); - if (obj instanceof Store) { Store certStore = (Store)obj; @@ -161,19 +158,19 @@ static List getAdditionalStoresFromCRLDistributionPoint(CRLDistPoi throw new AnnotatedException("Distribution points could not be read.", e); } - List stores = new ArrayList(); + List stores = new ArrayList<>(); - for (int i = 0; i < dps.length; i++) + for (DistributionPoint dp : dps) { - DistributionPointName dpn = dps[i].getDistributionPoint(); + DistributionPointName dpn = dp.getDistributionPoint(); // look for URIs in fullName if (dpn != null && dpn.getType() == DistributionPointName.FULL_NAME) { GeneralName[] genNames = GeneralNames.getInstance(dpn.getName()).getNames(); - for (int j = 0; j < genNames.length; j++) + for (GeneralName genName : genNames) { - PKIXCRLStore store = namedCRLStoreMap.get(genNames[j]); + PKIXCRLStore store = namedCRLStoreMap.get(genName); if (store != null) { stores.add(store); diff --git a/pkix/src/main/java/org/bouncycastle/pkix/util/LocalizedMessage.java b/pkix/src/main/java/org/bouncycastle/pkix/util/LocalizedMessage.java index 9abedd151c..de073df435 100644 --- a/pkix/src/main/java/org/bouncycastle/pkix/util/LocalizedMessage.java +++ b/pkix/src/main/java/org/bouncycastle/pkix/util/LocalizedMessage.java @@ -39,7 +39,7 @@ public class LocalizedMessage * @param id the id of the corresponding bundle in the resource file * @throws NullPointerException if resource or id is null */ - public LocalizedMessage(String resource,String id) throws NullPointerException + public LocalizedMessage(String resource, String id) throws NullPointerException { if (resource == null || id == null) { @@ -59,7 +59,7 @@ public LocalizedMessage(String resource,String id) throws NullPointerException * @throws NullPointerException if resource or id is null * @throws UnsupportedEncodingException if the encoding is not supported */ - public LocalizedMessage(String resource,String id, String encoding) throws NullPointerException, UnsupportedEncodingException + public LocalizedMessage(String resource, String id, String encoding) throws NullPointerException, UnsupportedEncodingException { if (resource == null || id == null) { @@ -126,10 +126,10 @@ public LocalizedMessage(String resource, String id, String encoding, Object[] ar * @param key second part of the entry id * @param loc the used {@link Locale} * @param timezone the used {@link TimeZone} - * @return a Strng containing the localized message + * @return a String containing the localized message * @throws MissingEntryException if the resource file is not available or the entry does not exist. */ - public String getEntry(String key,Locale loc, TimeZone timezone) throws MissingEntryException + public String getEntry(String key, Locale loc, TimeZone timezone) throws MissingEntryException { String entry = id; if (key != null) diff --git a/test/src/main/java/org/bouncycastle/test/est/ESTServerUtils.java b/test/src/main/java/org/bouncycastle/test/est/ESTServerUtils.java index c48e0a3b8e..dea7abc90a 100644 --- a/test/src/main/java/org/bouncycastle/test/est/ESTServerUtils.java +++ b/test/src/main/java/org/bouncycastle/test/est/ESTServerUtils.java @@ -2,6 +2,7 @@ import java.io.File; import java.io.IOException; +import java.net.InetAddress; import java.net.Socket; import java.util.Arrays; import java.util.List; @@ -94,7 +95,7 @@ public static void waitForSocket(int port) try { Thread.sleep(100); - sock = new Socket("127.0.0.1", port); + sock = new Socket(InetAddress.getLoopbackAddress(), port); break; } catch (Exception ex) diff --git a/tls/src/main/java/org/bouncycastle/jsse/provider/NamedGroupInfo.java b/tls/src/main/java/org/bouncycastle/jsse/provider/NamedGroupInfo.java index f2af7facd9..f398b8ca0c 100644 --- a/tls/src/main/java/org/bouncycastle/jsse/provider/NamedGroupInfo.java +++ b/tls/src/main/java/org/bouncycastle/jsse/provider/NamedGroupInfo.java @@ -19,7 +19,6 @@ import org.bouncycastle.tls.TlsUtils; import org.bouncycastle.tls.crypto.impl.jcajce.JcaTlsCrypto; import org.bouncycastle.util.Arrays; -import org.bouncycastle.util.Integers; import org.bouncycastle.util.Properties; class NamedGroupInfo @@ -138,7 +137,7 @@ static class PerConnection this.local = local; this.localECDSA = localECDSA; - this.peer = new AtomicReference>(); + this.peer = new AtomicReference<>(); } List getPeer() @@ -223,16 +222,13 @@ private static PerConnection createPerConnection(PerContext perContext, ProvSSLP boolean post13Active = TlsUtils.isTLSv13(latest); boolean pre13Active = !TlsUtils.isTLSv13(earliest); - int count = candidates.length; - LinkedHashMap local = new LinkedHashMap(count); - for (int i = 0; i < count; ++i) + LinkedHashMap local = new LinkedHashMap<>(candidates.length); + for (int candidate : candidates) { - Integer candidate = Integers.valueOf(candidates[i]); NamedGroupInfo namedGroupInfo = perContext.index.get(candidate); if (null != namedGroupInfo - && namedGroupInfo.isActive(algorithmConstraints, post13Active, pre13Active)) - { + && namedGroupInfo.isActive(algorithmConstraints, post13Active, pre13Active)) { // NOTE: Re-insertion doesn't affect iteration order for insertion-order LinkedHashMap local.put(candidate, namedGroupInfo); } @@ -328,13 +324,14 @@ static NamedGroupInfo getNamedGroup(PerContext perContext, int namedGroup) static Vector getSupportedGroupsLocalClient(PerConnection perConnection) { - return new Vector(perConnection.local.keySet()); + return new Vector<>(perConnection.local.keySet()); } static int[] getSupportedGroupsLocalServer(PerConnection perConnection) { Set keys = perConnection.local.keySet(); - int count = keys.size(), pos = 0; + int count = keys.size(); + int pos = 0; int[] result = new int[count]; for (Integer key : keys) { @@ -515,7 +512,7 @@ private static int[] createCandidates(Map index, String private static Map createIndex(boolean isFipsContext, JcaTlsCrypto crypto) { - Map ng = new TreeMap(); + Map ng = new TreeMap<>(); final boolean disableChar2 = PropertyUtils.getBooleanSystemProperty("org.bouncycastle.jsse.ec.disableChar2", false) || @@ -557,11 +554,9 @@ private static List getNamedGroupInfos(Map result = new ArrayList(count); - for (int i = 0; i < count; ++i) + ArrayList result = new ArrayList<>(count); + for (int namedGroup : namedGroups) { - int namedGroup = namedGroups[i]; - NamedGroupInfo namedGroupInfo = namedGroupInfos.get(namedGroup); if (null != namedGroupInfo) { diff --git a/tls/src/main/java/org/bouncycastle/tls/AbstractTlsServer.java b/tls/src/main/java/org/bouncycastle/tls/AbstractTlsServer.java index 1214988396..6b8f136899 100644 --- a/tls/src/main/java/org/bouncycastle/tls/AbstractTlsServer.java +++ b/tls/src/main/java/org/bouncycastle/tls/AbstractTlsServer.java @@ -68,6 +68,7 @@ protected boolean allowTrustedCAIndication() } /** @deprecated Use 'serverExtensions' directly, it is now never null */ + @Deprecated protected Hashtable checkServerExtensions() { return serverExtensions; diff --git a/tls/src/main/java/org/bouncycastle/tls/Certificate.java b/tls/src/main/java/org/bouncycastle/tls/Certificate.java index 2056b04a4f..fa4b798eec 100644 --- a/tls/src/main/java/org/bouncycastle/tls/Certificate.java +++ b/tls/src/main/java/org/bouncycastle/tls/Certificate.java @@ -245,6 +245,7 @@ public void encode(TlsContext context, OutputStream messageOutput, OutputStream * @throws IOException * @deprecated Use version taking a {@link ParseOptions} argument instead. */ + @Deprecated public static Certificate parse(TlsContext context, InputStream messageInput, OutputStream endPointHashOutput) throws IOException { diff --git a/tls/src/main/java/org/bouncycastle/tls/ClientHello.java b/tls/src/main/java/org/bouncycastle/tls/ClientHello.java index 915cca31d1..21249baa78 100644 --- a/tls/src/main/java/org/bouncycastle/tls/ClientHello.java +++ b/tls/src/main/java/org/bouncycastle/tls/ClientHello.java @@ -44,6 +44,7 @@ public int[] getCipherSuites() /** * @deprecated Use {@link #getVersion()} instead. */ + @Deprecated public ProtocolVersion getClientVersion() { return version; diff --git a/tls/src/main/java/org/bouncycastle/tls/NamedGroup.java b/tls/src/main/java/org/bouncycastle/tls/NamedGroup.java index a69ecd1bc9..347891c656 100644 --- a/tls/src/main/java/org/bouncycastle/tls/NamedGroup.java +++ b/tls/src/main/java/org/bouncycastle/tls/NamedGroup.java @@ -103,10 +103,13 @@ public class NamedGroup public static final int arbitrary_explicit_char2_curves = 0xFF02; /** @deprecated Experimental API (unstable): unofficial value from Open Quantum Safe project. */ + @Deprecated public static final int OQS_mlkem512 = 0x0247; /** @deprecated Experimental API (unstable): unofficial value from Open Quantum Safe project. */ + @Deprecated public static final int OQS_mlkem768 = 0x0248; /** @deprecated Experimental API (unstable): unofficial value from Open Quantum Safe project. */ + @Deprecated public static final int OQS_mlkem1024 = 0x0249; /* diff --git a/tls/src/main/java/org/bouncycastle/tls/RecordPreview.java b/tls/src/main/java/org/bouncycastle/tls/RecordPreview.java index fc5900ae08..84a7a5906b 100644 --- a/tls/src/main/java/org/bouncycastle/tls/RecordPreview.java +++ b/tls/src/main/java/org/bouncycastle/tls/RecordPreview.java @@ -22,6 +22,7 @@ static RecordPreview extendRecordSize(RecordPreview a, int recordSize) } /** @deprecated Use {@link #getContentLimit} instead */ + @Deprecated public int getApplicationDataLimit() { return contentLimit; diff --git a/tls/src/main/java/org/bouncycastle/tls/SecurityParameters.java b/tls/src/main/java/org/bouncycastle/tls/SecurityParameters.java index 3a933d2858..0841586000 100644 --- a/tls/src/main/java/org/bouncycastle/tls/SecurityParameters.java +++ b/tls/src/main/java/org/bouncycastle/tls/SecurityParameters.java @@ -177,6 +177,7 @@ public int[] getServerSupportedGroups() * * @deprecated Will be removed. Use constant CompressionMethod._null instead. */ + @Deprecated public short getCompressionAlgorithm() { return CompressionMethod._null; @@ -193,6 +194,7 @@ public short getMaxFragmentLength() /** * @deprecated Use {@link #getPRFAlgorithm()} instead. */ + @Deprecated public int getPrfAlgorithm() { return prfAlgorithm; diff --git a/tls/src/main/java/org/bouncycastle/tls/SignatureScheme.java b/tls/src/main/java/org/bouncycastle/tls/SignatureScheme.java index 4d2479921b..8362a63a78 100644 --- a/tls/src/main/java/org/bouncycastle/tls/SignatureScheme.java +++ b/tls/src/main/java/org/bouncycastle/tls/SignatureScheme.java @@ -195,6 +195,7 @@ public static int getNamedGroup(int signatureScheme) } /** @deprecated Use {@link #getCryptoHashAlgorithm(int)} instead. */ + @Deprecated public static int getRSAPSSCryptoHashAlgorithm(int signatureScheme) { switch (signatureScheme) diff --git a/tls/src/main/java/org/bouncycastle/tls/TlsExtensionsUtils.java b/tls/src/main/java/org/bouncycastle/tls/TlsExtensionsUtils.java index a44904459e..c0b5057fe0 100644 --- a/tls/src/main/java/org/bouncycastle/tls/TlsExtensionsUtils.java +++ b/tls/src/main/java/org/bouncycastle/tls/TlsExtensionsUtils.java @@ -320,6 +320,7 @@ public static short getClientCertificateTypeExtensionServer(Hashtable extensions /** * @deprecated Use version without defaultValue instead */ + @Deprecated public static short getClientCertificateTypeExtensionServer(Hashtable extensions, short defaultValue) throws IOException { @@ -447,6 +448,7 @@ public static short getServerCertificateTypeExtensionServer(Hashtable extensions /** * @deprecated Use version without defaultValue instead */ + @Deprecated public static short getServerCertificateTypeExtensionServer(Hashtable extensions, short defaultValue) throws IOException { diff --git a/tls/src/main/java/org/bouncycastle/tls/TlsPeer.java b/tls/src/main/java/org/bouncycastle/tls/TlsPeer.java index 777d61857d..ea0434df4c 100644 --- a/tls/src/main/java/org/bouncycastle/tls/TlsPeer.java +++ b/tls/src/main/java/org/bouncycastle/tls/TlsPeer.java @@ -92,6 +92,7 @@ public interface TlsPeer * {@link TlsUtils#checkPeerSigAlgs(TlsContext, TlsCertificate[])} once a complete * CertPath has been determined (i.e. as part of chain validation). */ + @Deprecated boolean shouldCheckSigAlgOfPeerCerts(); boolean shouldUseExtendedMasterSecret(); diff --git a/tls/src/main/java/org/bouncycastle/tls/TlsProtocol.java b/tls/src/main/java/org/bouncycastle/tls/TlsProtocol.java index ce2630bb8c..726e0985f9 100644 --- a/tls/src/main/java/org/bouncycastle/tls/TlsProtocol.java +++ b/tls/src/main/java/org/bouncycastle/tls/TlsProtocol.java @@ -1941,6 +1941,7 @@ public boolean isHandshaking() /** * @deprecated Will be removed. */ + @Deprecated protected short processMaxFragmentLengthExtension(Hashtable clientExtensions, Hashtable serverExtensions, short alertDescription) throws IOException diff --git a/tls/src/main/java/org/bouncycastle/tls/TlsUtils.java b/tls/src/main/java/org/bouncycastle/tls/TlsUtils.java index 005bf51c8a..442f101bd1 100644 --- a/tls/src/main/java/org/bouncycastle/tls/TlsUtils.java +++ b/tls/src/main/java/org/bouncycastle/tls/TlsUtils.java @@ -1093,6 +1093,7 @@ public static ASN1Primitive readASN1Object(byte[] encoding) throws IOException } /** @deprecated Will be removed. Use readASN1Object in combination with requireDEREncoding instead */ + @Deprecated public static ASN1Primitive readDERObject(byte[] encoding) throws IOException { /* @@ -1243,6 +1244,7 @@ public static Vector getSupportedSignatureAlgorithms(TlsContext context, Vector /** * @deprecated Will be removed */ + @Deprecated public static SignatureAndHashAlgorithm getSignatureAndHashAlgorithm(TlsContext context, TlsCredentialedSigner signerCredentials) throws IOException @@ -1597,6 +1599,7 @@ public static TlsSecret PRF(SecurityParameters securityParameters, TlsSecret sec /** * @deprecated Use {@link #PRF(SecurityParameters, TlsSecret, String, byte[], int)} instead. */ + @Deprecated public static TlsSecret PRF(TlsContext context, TlsSecret secret, String asciiLabel, byte[] seed, int length) { return PRF(context.getSecurityParametersHandshake(), secret, asciiLabel, seed, length); @@ -4097,6 +4100,7 @@ public static boolean isValidCipherSuiteForSignatureAlgorithms(int cipherSuite, /** * @deprecated Use {@link #isValidVersionForCipherSuite(int, ProtocolVersion)} instead. */ + @Deprecated public static boolean isValidCipherSuiteForVersion(int cipherSuite, ProtocolVersion version) { return isValidVersionForCipherSuite(cipherSuite, version); @@ -4341,6 +4345,7 @@ public static int[] getSupportedCipherSuites(TlsCrypto crypto, int[] suites) /** * @deprecated Use {@link #getSupportedCipherSuites(TlsCrypto, int[], int, int)} instead. */ + @Deprecated public static int[] getSupportedCipherSuites(TlsCrypto crypto, int[] suites, int suitesCount) { return getSupportedCipherSuites(crypto, suites, 0, suitesCount); diff --git a/tls/src/main/java/org/bouncycastle/tls/crypto/impl/TlsAEADCipher.java b/tls/src/main/java/org/bouncycastle/tls/crypto/impl/TlsAEADCipher.java index 8ac3ccec6b..2302f1caf9 100644 --- a/tls/src/main/java/org/bouncycastle/tls/crypto/impl/TlsAEADCipher.java +++ b/tls/src/main/java/org/bouncycastle/tls/crypto/impl/TlsAEADCipher.java @@ -47,7 +47,8 @@ public final class TlsAEADCipher private final int nonceMode; private final AEADNonceGenerator nonceGenerator; - /** @deprecated Use version with extra 'nonceGeneratorFactory' parameter */ + /** @deprecated Use version with extra 'nonceGeneratorFactory' parameter */ + @Deprecated public TlsAEADCipher(TlsCryptoParameters cryptoParams, TlsAEADCipherImpl encryptCipher, TlsAEADCipherImpl decryptCipher, int keySize, int macSize, int aeadType) throws IOException { diff --git a/tls/src/main/java/org/bouncycastle/tls/crypto/impl/jcajce/JcaTlsRSASigner.java b/tls/src/main/java/org/bouncycastle/tls/crypto/impl/jcajce/JcaTlsRSASigner.java index 584bf44f14..0aee332f64 100644 --- a/tls/src/main/java/org/bouncycastle/tls/crypto/impl/jcajce/JcaTlsRSASigner.java +++ b/tls/src/main/java/org/bouncycastle/tls/crypto/impl/jcajce/JcaTlsRSASigner.java @@ -31,6 +31,7 @@ public class JcaTlsRSASigner /** * @deprecated Use constructor without 'publicKey' parameter. */ + @Deprecated public JcaTlsRSASigner(JcaTlsCrypto crypto, PrivateKey privateKey, PublicKey publicKey) { this(crypto, privateKey); diff --git a/util/src/main/java/org/bouncycastle/asn1/eac/CertificateHolderReference.java b/util/src/main/java/org/bouncycastle/asn1/eac/CertificateHolderReference.java index ec8dec08d0..27c58b67d1 100644 --- a/util/src/main/java/org/bouncycastle/asn1/eac/CertificateHolderReference.java +++ b/util/src/main/java/org/bouncycastle/asn1/eac/CertificateHolderReference.java @@ -1,14 +1,15 @@ package org.bouncycastle.asn1.eac; -import java.io.UnsupportedEncodingException; +import java.nio.charset.Charset; +import java.nio.charset.StandardCharsets; public class CertificateHolderReference { - private static final String ReferenceEncoding = "ISO-8859-1"; + private static final Charset ReferenceEncoding = StandardCharsets.ISO_8859_1; - private String countryCode; - private String holderMnemonic; - private String sequenceNumber; + private final String countryCode; + private final String holderMnemonic; + private final String sequenceNumber; public CertificateHolderReference(String countryCode, String holderMnemonic, String sequenceNumber) { @@ -19,19 +20,12 @@ public CertificateHolderReference(String countryCode, String holderMnemonic, Str CertificateHolderReference(byte[] contents) { - try - { - String concat = new String(contents, ReferenceEncoding); + String concat = new String(contents, ReferenceEncoding); - this.countryCode = concat.substring(0, 2); - this.holderMnemonic = concat.substring(2, concat.length() - 5); + this.countryCode = concat.substring(0, 2); + this.holderMnemonic = concat.substring(2, concat.length() - 5); - this.sequenceNumber = concat.substring(concat.length() - 5); - } - catch (UnsupportedEncodingException e) - { - throw new IllegalStateException(e.toString()); - } + this.sequenceNumber = concat.substring(concat.length() - 5); } public String getCountryCode() @@ -54,13 +48,6 @@ public byte[] getEncoded() { String ref = countryCode + holderMnemonic + sequenceNumber; - try - { - return ref.getBytes(ReferenceEncoding); - } - catch (UnsupportedEncodingException e) - { - throw new IllegalStateException(e.toString()); - } + return ref.getBytes(ReferenceEncoding); } }