From 2deb318c9f047ec5a4b160d66a4b52f93688ec42 Mon Sep 17 00:00:00 2001 From: Weijun Wang Date: Tue, 29 Nov 2022 12:57:46 +0000 Subject: [PATCH] 8297065: DerOutputStream operations should not throw IOExceptions Reviewed-by: mullan, valeriep --- .../com/sun/crypto/provider/DHPrivateKey.java | 93 ++++++-------- .../com/sun/crypto/provider/DHPublicKey.java | 71 +++++------ .../provider/EncryptedPrivateKeyInfo.java | 4 +- .../sun/security/pkcs/ContentInfo.java | 5 +- .../pkcs/EncryptedPrivateKeyInfo.java | 24 ++-- .../classes/sun/security/pkcs/PKCS7.java | 14 +-- .../classes/sun/security/pkcs/PKCS8Key.java | 23 ++-- .../sun/security/pkcs/PKCS9Attribute.java | 5 +- .../sun/security/pkcs/PKCS9Attributes.java | 11 +- .../classes/sun/security/pkcs/SignerInfo.java | 22 ++-- .../classes/sun/security/pkcs10/PKCS10.java | 4 +- .../sun/security/pkcs10/PKCS10Attribute.java | 7 +- .../sun/security/pkcs10/PKCS10Attributes.java | 5 +- .../classes/sun/security/pkcs12/MacData.java | 2 +- .../sun/security/pkcs12/PKCS12KeyStore.java | 66 +++------- .../classes/sun/security/provider/DSA.java | 17 +-- .../sun/security/provider/DSAPrivateKey.java | 14 +-- .../sun/security/provider/DSAPublicKey.java | 16 +-- .../sun/security/provider/KeyProtector.java | 11 +- .../security/provider/certpath/CertId.java | 5 +- .../security/rsa/RSAPrivateCrtKeyImpl.java | 79 ++++++------ .../sun/security/rsa/RSAPrivateKeyImpl.java | 48 ++++---- .../sun/security/rsa/RSAPublicKeyImpl.java | 19 ++- .../sun/security/rsa/RSASignature.java | 2 - .../classes/sun/security/rsa/RSAUtil.java | 3 +- .../classes/sun/security/util/DerEncoder.java | 5 +- .../sun/security/util/DerOutputStream.java | 99 +++++++-------- .../classes/sun/security/util/DerValue.java | 6 +- .../classes/sun/security/util/NamedCurve.java | 7 +- .../sun/security/util/ObjectIdentifier.java | 2 +- .../share/classes/sun/security/x509/AVA.java | 37 ++---- .../sun/security/x509/AccessDescription.java | 2 +- .../sun/security/x509/AlgorithmId.java | 11 +- .../x509/AuthorityInfoAccessExtension.java | 8 +- .../x509/AuthorityKeyIdentifierExtension.java | 23 ++-- .../x509/BasicConstraintsExtension.java | 9 +- .../x509/CRLDistributionPointsExtension.java | 15 +-- .../sun/security/x509/CRLExtensions.java | 38 +++--- .../sun/security/x509/CRLNumberExtension.java | 15 ++- .../security/x509/CRLReasonCodeExtension.java | 8 +- .../security/x509/CertificateAlgorithmId.java | 3 +- .../security/x509/CertificateExtensions.java | 9 +- .../x509/CertificateIssuerExtension.java | 8 +- .../x509/CertificatePoliciesExtension.java | 10 +- .../security/x509/CertificatePolicyId.java | 6 +- .../security/x509/CertificatePolicyMap.java | 6 +- .../security/x509/CertificatePolicySet.java | 5 +- .../x509/CertificateSerialNumber.java | 3 +- .../security/x509/CertificateSubjectName.java | 3 +- .../security/x509/CertificateValidity.java | 3 +- .../sun/security/x509/CertificateVersion.java | 3 +- .../sun/security/x509/CertificateX509Key.java | 5 +- .../classes/sun/security/x509/DNSName.java | 4 +- .../x509/DeltaCRLIndicatorExtension.java | 7 +- .../sun/security/x509/DistributionPoint.java | 7 +- .../security/x509/DistributionPointName.java | 7 +- .../sun/security/x509/EDIPartyName.java | 4 +- .../x509/ExtendedKeyUsageExtension.java | 11 +- .../classes/sun/security/x509/Extension.java | 3 +- .../security/x509/FreshestCRLExtension.java | 6 +- .../sun/security/x509/GeneralName.java | 6 +- .../security/x509/GeneralNameInterface.java | 13 +- .../sun/security/x509/GeneralNames.java | 3 +- .../sun/security/x509/GeneralSubtree.java | 5 +- .../sun/security/x509/GeneralSubtrees.java | 5 +- .../sun/security/x509/IPAddressName.java | 4 +- .../x509/InhibitAnyPolicyExtension.java | 6 +- .../x509/InvalidityDateExtension.java | 10 +- .../x509/IssuerAlternativeNameExtension.java | 13 +- .../IssuingDistributionPointExtension.java | 9 +- .../sun/security/x509/KeyIdentifier.java | 2 +- .../sun/security/x509/KeyUsageExtension.java | 11 +- .../x509/NameConstraintsExtension.java | 8 +- .../x509/NetscapeCertTypeExtension.java | 17 +-- .../classes/sun/security/x509/OIDName.java | 4 +- .../classes/sun/security/x509/OtherName.java | 4 +- .../x509/PolicyConstraintsExtension.java | 11 +- .../sun/security/x509/PolicyInformation.java | 9 +- .../x509/PolicyMappingsExtension.java | 8 +- .../x509/PrivateKeyUsageExtension.java | 8 +- .../share/classes/sun/security/x509/RDN.java | 3 +- .../classes/sun/security/x509/RFC822Name.java | 4 +- .../sun/security/x509/ReasonFlags.java | 11 +- .../sun/security/x509/SerialNumber.java | 5 +- .../x509/SubjectAlternativeNameExtension.java | 13 +- .../x509/SubjectInfoAccessExtension.java | 8 +- .../x509/SubjectKeyIdentifierExtension.java | 8 +- .../classes/sun/security/x509/URIName.java | 4 +- .../sun/security/x509/UniqueIdentity.java | 5 +- .../sun/security/x509/X400Address.java | 3 +- .../classes/sun/security/x509/X500Name.java | 3 +- .../sun/security/x509/X509CRLEntryImpl.java | 65 ++++------ .../sun/security/x509/X509CRLImpl.java | 116 ++++++++---------- .../sun/security/x509/X509CertImpl.java | 56 ++++----- .../sun/security/x509/X509CertInfo.java | 10 +- .../classes/sun/security/x509/X509Key.java | 75 ++++------- .../share/classes/org/ietf/jgss/Oid.java | 9 +- .../classes/sun/security/jgss/GSSHeader.java | 9 +- .../sun/security/jgss/GSSNameImpl.java | 8 +- .../security/jgss/spnego/NegTokenInit.java | 88 +++++++------ .../security/jgss/spnego/NegTokenTarg.java | 88 +++++++------ .../sun/security/pkcs11/P11ECKeyFactory.java | 11 +- .../classes/sun/security/pkcs11/P11Key.java | 10 +- .../sun/security/pkcs11/P11Signature.java | 22 ++-- .../sun/security/ec/ECPrivateKeyImpl.java | 61 ++++----- .../sun/security/ec/XDHPrivateKeyImpl.java | 4 +- .../security/ec/ed/EdDSAPrivateKeyImpl.java | 5 +- .../jdeps/jdkinternals/src/q/NoRepl.java | 5 +- .../lib/security/timestamp/TsaSigner.java | 4 +- 109 files changed, 725 insertions(+), 1112 deletions(-) diff --git a/src/java.base/share/classes/com/sun/crypto/provider/DHPrivateKey.java b/src/java.base/share/classes/com/sun/crypto/provider/DHPrivateKey.java index 7b8ab570a08..c2c8348fffa 100644 --- a/src/java.base/share/classes/com/sun/crypto/provider/DHPrivateKey.java +++ b/src/java.base/share/classes/com/sun/crypto/provider/DHPrivateKey.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2021, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2022, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -32,7 +32,6 @@ import java.math.BigInteger; import java.security.KeyRep; import java.security.PrivateKey; import java.security.InvalidKeyException; -import java.security.ProviderException; import javax.crypto.spec.DHParameterSpec; import sun.security.util.*; @@ -44,7 +43,7 @@ import sun.security.util.*; * * * @see DHPublicKey - * @see java.security.KeyAgreement + * @see javax.crypto.KeyAgreement */ final class DHPrivateKey implements PrivateKey, javax.crypto.interfaces.DHPrivateKey, Serializable { @@ -80,8 +79,6 @@ final class DHPrivateKey implements PrivateKey, * @param x the private value * @param p the prime modulus * @param g the base generator - * - * @throws ProviderException if the key cannot be encoded */ DHPrivateKey(BigInteger x, BigInteger p, BigInteger g) throws InvalidKeyException { @@ -97,24 +94,18 @@ final class DHPrivateKey implements PrivateKey, * @param p the prime modulus * @param g the base generator * @param l the private-value length - * - * @throws ProviderException if the key cannot be encoded */ DHPrivateKey(BigInteger x, BigInteger p, BigInteger g, int l) { this.x = x; this.p = p; this.g = g; this.l = l; - try { - byte[] xbytes = x.toByteArray(); - DerValue val = new DerValue(DerValue.tag_Integer, xbytes); - this.key = val.toByteArray(); - val.clear(); - Arrays.fill(xbytes, (byte)0); - encode(); - } catch (IOException e) { - throw new ProviderException("Cannot produce ASN.1 encoding", e); - } + byte[] xbytes = x.toByteArray(); + DerValue val = new DerValue(DerValue.tag_Integer, xbytes); + this.key = val.toByteArray(); + val.clear(); + Arrays.fill(xbytes, (byte) 0); + encode(); } /** @@ -221,46 +212,42 @@ final class DHPrivateKey implements PrivateKey, */ private void encode() { if (this.encodedKey == null) { - try { - DerOutputStream tmp = new DerOutputStream(); + DerOutputStream tmp = new DerOutputStream(); - // - // version - // - tmp.putInteger(PKCS8_VERSION); + // + // version + // + tmp.putInteger(PKCS8_VERSION); - // - // privateKeyAlgorithm - // - DerOutputStream algid = new DerOutputStream(); + // + // privateKeyAlgorithm + // + DerOutputStream algid = new DerOutputStream(); - // store OID - algid.putOID(DHPublicKey.DH_OID); - // encode parameters - DerOutputStream params = new DerOutputStream(); - params.putInteger(this.p); - params.putInteger(this.g); - if (this.l != 0) { - params.putInteger(this.l); - } - // wrap parameters into SEQUENCE - DerValue paramSequence = new DerValue(DerValue.tag_Sequence, - params.toByteArray()); - // store parameter SEQUENCE in algid - algid.putDerValue(paramSequence); - // wrap algid into SEQUENCE - tmp.write(DerValue.tag_Sequence, algid); - - // privateKey - tmp.putOctetString(this.key); - - // make it a SEQUENCE - DerValue val = DerValue.wrap(DerValue.tag_Sequence, tmp); - this.encodedKey = val.toByteArray(); - val.clear(); - } catch (IOException e) { - throw new AssertionError(e); + // store OID + algid.putOID(DHPublicKey.DH_OID); + // encode parameters + DerOutputStream params = new DerOutputStream(); + params.putInteger(this.p); + params.putInteger(this.g); + if (this.l != 0) { + params.putInteger(this.l); } + // wrap parameters into SEQUENCE + DerValue paramSequence = new DerValue(DerValue.tag_Sequence, + params.toByteArray()); + // store parameter SEQUENCE in algid + algid.putDerValue(paramSequence); + // wrap algid into SEQUENCE + tmp.write(DerValue.tag_Sequence, algid); + + // privateKey + tmp.putOctetString(this.key); + + // make it a SEQUENCE + DerValue val = DerValue.wrap(DerValue.tag_Sequence, tmp); + this.encodedKey = val.toByteArray(); + val.clear(); } } diff --git a/src/java.base/share/classes/com/sun/crypto/provider/DHPublicKey.java b/src/java.base/share/classes/com/sun/crypto/provider/DHPublicKey.java index bf33173ff2e..c786743aab0 100644 --- a/src/java.base/share/classes/com/sun/crypto/provider/DHPublicKey.java +++ b/src/java.base/share/classes/com/sun/crypto/provider/DHPublicKey.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2020, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2022, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -30,7 +30,6 @@ import java.util.Objects; import java.math.BigInteger; import java.security.KeyRep; import java.security.InvalidKeyException; -import java.security.ProviderException; import java.security.PublicKey; import javax.crypto.spec.DHParameterSpec; import sun.security.util.*; @@ -97,21 +96,15 @@ javax.crypto.interfaces.DHPublicKey, Serializable { * @param p the prime modulus * @param g the base generator * @param l the private-value length - * - * @exception ProviderException if the key cannot be encoded */ DHPublicKey(BigInteger y, BigInteger p, BigInteger g, int l) { this.y = y; this.p = p; this.g = g; this.l = l; - try { - this.key = new DerValue(DerValue.tag_Integer, - this.y.toByteArray()).toByteArray(); - this.encodedKey = getEncoded(); - } catch (IOException e) { - throw new ProviderException("Cannot produce ASN.1 encoding", e); - } + this.key = new DerValue(DerValue.tag_Integer, + this.y.toByteArray()).toByteArray(); + this.encodedKey = getEncoded(); } /** @@ -201,39 +194,35 @@ javax.crypto.interfaces.DHPublicKey, Serializable { */ public synchronized byte[] getEncoded() { if (this.encodedKey == null) { - try { - DerOutputStream algid = new DerOutputStream(); + DerOutputStream algid = new DerOutputStream(); - // store oid in algid - algid.putOID(DH_OID); + // store oid in algid + algid.putOID(DH_OID); - // encode parameters - DerOutputStream params = new DerOutputStream(); - params.putInteger(this.p); - params.putInteger(this.g); - if (this.l != 0) { - params.putInteger(this.l); - } - // wrap parameters into SEQUENCE - DerValue paramSequence = new DerValue(DerValue.tag_Sequence, - params.toByteArray()); - // store parameter SEQUENCE in algid - algid.putDerValue(paramSequence); - - // wrap algid into SEQUENCE, and store it in key encoding - DerOutputStream tmpDerKey = new DerOutputStream(); - tmpDerKey.write(DerValue.tag_Sequence, algid); - - // store key data - tmpDerKey.putBitString(this.key); - - // wrap algid and key into SEQUENCE - DerOutputStream derKey = new DerOutputStream(); - derKey.write(DerValue.tag_Sequence, tmpDerKey); - this.encodedKey = derKey.toByteArray(); - } catch (IOException e) { - return null; + // encode parameters + DerOutputStream params = new DerOutputStream(); + params.putInteger(this.p); + params.putInteger(this.g); + if (this.l != 0) { + params.putInteger(this.l); } + // wrap parameters into SEQUENCE + DerValue paramSequence = new DerValue(DerValue.tag_Sequence, + params.toByteArray()); + // store parameter SEQUENCE in algid + algid.putDerValue(paramSequence); + + // wrap algid into SEQUENCE, and store it in key encoding + DerOutputStream tmpDerKey = new DerOutputStream(); + tmpDerKey.write(DerValue.tag_Sequence, algid); + + // store key data + tmpDerKey.putBitString(this.key); + + // wrap algid and key into SEQUENCE + DerOutputStream derKey = new DerOutputStream(); + derKey.write(DerValue.tag_Sequence, tmpDerKey); + this.encodedKey = derKey.toByteArray(); } return this.encodedKey.clone(); } diff --git a/src/java.base/share/classes/com/sun/crypto/provider/EncryptedPrivateKeyInfo.java b/src/java.base/share/classes/com/sun/crypto/provider/EncryptedPrivateKeyInfo.java index c6a4c0f5ab2..cfeb66c62c6 100644 --- a/src/java.base/share/classes/com/sun/crypto/provider/EncryptedPrivateKeyInfo.java +++ b/src/java.base/share/classes/com/sun/crypto/provider/EncryptedPrivateKeyInfo.java @@ -107,9 +107,7 @@ final class EncryptedPrivateKeyInfo { /** * Returns the ASN.1 encoding of this class. */ - byte[] getEncoded() - throws IOException - { + byte[] getEncoded() { if (this.encoded != null) return this.encoded.clone(); DerOutputStream out = new DerOutputStream(); diff --git a/src/java.base/share/classes/sun/security/pkcs/ContentInfo.java b/src/java.base/share/classes/sun/security/pkcs/ContentInfo.java index 9a6eafbe819..9d69193ad8a 100644 --- a/src/java.base/share/classes/sun/security/pkcs/ContentInfo.java +++ b/src/java.base/share/classes/sun/security/pkcs/ContentInfo.java @@ -35,7 +35,7 @@ import sun.security.util.*; * @author Benjamin Renaud */ -public class ContentInfo { +public class ContentInfo implements DerEncoder { // pkcs7 pre-defined content types public static ObjectIdentifier PKCS7_OID = @@ -166,7 +166,8 @@ public class ContentInfo { throw new IOException("content type is not DATA: " + contentType); } - public void encode(DerOutputStream out) throws IOException { + @Override + public void encode(DerOutputStream out) { DerOutputStream contentDerCode; DerOutputStream seq; diff --git a/src/java.base/share/classes/sun/security/pkcs/EncryptedPrivateKeyInfo.java b/src/java.base/share/classes/sun/security/pkcs/EncryptedPrivateKeyInfo.java index 957fc83ce56..df9f4097df0 100644 --- a/src/java.base/share/classes/sun/security/pkcs/EncryptedPrivateKeyInfo.java +++ b/src/java.base/share/classes/sun/security/pkcs/EncryptedPrivateKeyInfo.java @@ -115,9 +115,7 @@ public class EncryptedPrivateKeyInfo { /** * Returns the ASN.1 encoding of this class. */ - public byte[] getEncoded() - throws IOException - { + public byte[] getEncoded() { if (this.encoded != null) return this.encoded.clone(); DerOutputStream out = new DerOutputStream(); @@ -141,20 +139,16 @@ public class EncryptedPrivateKeyInfo { return true; if (!(other instanceof EncryptedPrivateKeyInfo)) return false; - try { - byte[] thisEncrInfo = this.getEncoded(); - byte[] otherEncrInfo - = ((EncryptedPrivateKeyInfo)other).getEncoded(); + byte[] thisEncrInfo = this.getEncoded(); + byte[] otherEncrInfo + = ((EncryptedPrivateKeyInfo) other).getEncoded(); - if (thisEncrInfo.length != otherEncrInfo.length) - return false; - for (int i = 0; i < thisEncrInfo.length; i++) - if (thisEncrInfo[i] != otherEncrInfo[i]) - return false; - return true; - } catch (IOException e) { + if (thisEncrInfo.length != otherEncrInfo.length) return false; - } + for (int i = 0; i < thisEncrInfo.length; i++) + if (thisEncrInfo[i] != otherEncrInfo[i]) + return false; + return true; } /** diff --git a/src/java.base/share/classes/sun/security/pkcs/PKCS7.java b/src/java.base/share/classes/sun/security/pkcs/PKCS7.java index d72787c4fb2..cb278402094 100644 --- a/src/java.base/share/classes/sun/security/pkcs/PKCS7.java +++ b/src/java.base/share/classes/sun/security/pkcs/PKCS7.java @@ -436,18 +436,6 @@ public class PKCS7 { } } - /** - * Encodes the signed data to an output stream. - * - * @param out the output stream to write the encoded data to. - * @exception IOException on encoding errors. - */ - public void encodeSignedData(OutputStream out) throws IOException { - DerOutputStream derout = new DerOutputStream(); - encodeSignedData(derout); - out.write(derout.toByteArray()); - } - /** * Encodes the signed data to a DerOutputStream. * @@ -850,7 +838,7 @@ public class PKCS7 { : new ContentInfo(content); PKCS7 pkcs7 = new PKCS7(algorithms, contentInfo, signerChain, signerInfos); - ByteArrayOutputStream p7out = new ByteArrayOutputStream(); + DerOutputStream p7out = new DerOutputStream(); pkcs7.encodeSignedData(p7out); return p7out.toByteArray(); diff --git a/src/java.base/share/classes/sun/security/pkcs/PKCS8Key.java b/src/java.base/share/classes/sun/security/pkcs/PKCS8Key.java index 8fd47ccb77d..d0d7c69d1a0 100644 --- a/src/java.base/share/classes/sun/security/pkcs/PKCS8Key.java +++ b/src/java.base/share/classes/sun/security/pkcs/PKCS8Key.java @@ -198,8 +198,7 @@ public class PKCS8Key implements PrivateKey { * or {@code null} if an encoding error occurs. */ public byte[] getEncoded() { - byte[] b = getEncodedInternal(); - return (b == null) ? null : b.clone(); + return getEncodedInternal().clone(); } /** @@ -213,21 +212,17 @@ public class PKCS8Key implements PrivateKey { * DER-encodes this key as a byte array stored inside this object * and return it. * - * @return the encoding, or null if there is an I/O error. + * @return the encoding */ private synchronized byte[] getEncodedInternal() { if (encodedKey == null) { - try { - DerOutputStream tmp = new DerOutputStream(); - tmp.putInteger(V1); - algid.encode(tmp); - tmp.putOctetString(key); - DerValue out = DerValue.wrap(DerValue.tag_Sequence, tmp); - encodedKey = out.toByteArray(); - out.clear(); - } catch (IOException e) { - // encodedKey is still null - } + DerOutputStream tmp = new DerOutputStream(); + tmp.putInteger(V1); + algid.encode(tmp); + tmp.putOctetString(key); + DerValue out = DerValue.wrap(DerValue.tag_Sequence, tmp); + encodedKey = out.toByteArray(); + out.clear(); } return encodedKey; } diff --git a/src/java.base/share/classes/sun/security/pkcs/PKCS9Attribute.java b/src/java.base/share/classes/sun/security/pkcs/PKCS9Attribute.java index 2df5fb674d6..36fdc90704a 100644 --- a/src/java.base/share/classes/sun/security/pkcs/PKCS9Attribute.java +++ b/src/java.base/share/classes/sun/security/pkcs/PKCS9Attribute.java @@ -26,7 +26,6 @@ package sun.security.pkcs; import java.io.IOException; -import java.security.cert.CertificateException; import java.util.Date; import sun.security.x509.CertificateExtensions; @@ -530,12 +529,12 @@ public class PKCS9Attribute implements DerEncoder { * should be encoded as T61Strings. */ @Override - public void encode(DerOutputStream out) throws IOException { + public void encode(DerOutputStream out) { DerOutputStream temp = new DerOutputStream(); temp.putOID(oid); switch (index) { case -1: // Unknown - temp.write((byte[])value); + temp.writeBytes((byte[])value); break; case 1: // email address case 2: // unstructured name diff --git a/src/java.base/share/classes/sun/security/pkcs/PKCS9Attributes.java b/src/java.base/share/classes/sun/security/pkcs/PKCS9Attributes.java index a9b5f037ed7..d965103ce1e 100644 --- a/src/java.base/share/classes/sun/security/pkcs/PKCS9Attributes.java +++ b/src/java.base/share/classes/sun/security/pkcs/PKCS9Attributes.java @@ -26,7 +26,6 @@ package sun.security.pkcs; import java.io.IOException; -import java.io.OutputStream; import java.util.Hashtable; import sun.security.util.DerEncoder; @@ -155,7 +154,7 @@ public class PKCS9Attributes { * @see PKCS9Attribute */ public PKCS9Attributes(PKCS9Attribute[] attribs) - throws IllegalArgumentException, IOException { + throws IllegalArgumentException { ObjectIdentifier oid; for (int i=0; i < attribs.length; i++) { oid = attribs[i].getOID(); @@ -232,15 +231,13 @@ public class PKCS9Attributes { * * @param tag the implicit tag to use in the DER encoding. * @param out the output stream on which to put the DER encoding. - * - * @exception IOException on output error. */ - public void encode(byte tag, OutputStream out) throws IOException { + public void encode(byte tag, DerOutputStream out) { out.write(tag); out.write(derEncoding, 1, derEncoding.length -1); } - private byte[] generateDerEncoding() throws IOException { + private byte[] generateDerEncoding() { DerOutputStream out = new DerOutputStream(); DerEncoder[] attribVals = attributes.values().toArray(new DerEncoder[0]); out.putOrderedSetOf(DerValue.tag_SetOf, attribVals); @@ -251,7 +248,7 @@ public class PKCS9Attributes { * Return the DER encoding of this attribute set, tagged with * DerValue.tag_SetOf. */ - public byte[] getDerEncoding() throws IOException { + public byte[] getDerEncoding() { return derEncoding.clone(); } diff --git a/src/java.base/share/classes/sun/security/pkcs/SignerInfo.java b/src/java.base/share/classes/sun/security/pkcs/SignerInfo.java index 8e2579a0f52..c3e0fe92874 100644 --- a/src/java.base/share/classes/sun/security/pkcs/SignerInfo.java +++ b/src/java.base/share/classes/sun/security/pkcs/SignerInfo.java @@ -212,13 +212,10 @@ public class SignerInfo implements DerEncoder { * DER encode this object onto an output stream. * Implements the {@code DerEncoder} interface. * - * @param out - * the output stream on which to write the DER encoding. - * - * @exception IOException on encoding error. + * @param out the output stream on which to write the DER encoding. */ @Override - public void encode(DerOutputStream out) throws IOException { + public void encode(DerOutputStream out) { DerOutputStream seq = new DerOutputStream(); seq.putInteger(version); DerOutputStream issuerAndSerialNumber = new DerOutputStream(); @@ -432,16 +429,11 @@ public class SignerInfo implements DerEncoder { boolean[] keyUsageBits = cert.getKeyUsage(); if (keyUsageBits != null) { KeyUsageExtension keyUsage; - try { - // We don't care whether this extension was marked - // critical in the certificate. - // We're interested only in its value (i.e., the bits set) - // and treat the extension as critical. - keyUsage = new KeyUsageExtension(keyUsageBits); - } catch (IOException ioe) { - throw new SignatureException("Failed to parse keyUsage " - + "extension"); - } + // We don't care whether this extension was marked + // critical in the certificate. + // We're interested only in its value (i.e., the bits set) + // and treat the extension as critical. + keyUsage = new KeyUsageExtension(keyUsageBits); boolean digSigAllowed = keyUsage.get(KeyUsageExtension.DIGITAL_SIGNATURE); diff --git a/src/java.base/share/classes/sun/security/pkcs10/PKCS10.java b/src/java.base/share/classes/sun/security/pkcs10/PKCS10.java index fbed70a0105..af1cc7b7752 100644 --- a/src/java.base/share/classes/sun/security/pkcs10/PKCS10.java +++ b/src/java.base/share/classes/sun/security/pkcs10/PKCS10.java @@ -195,7 +195,7 @@ public class PKCS10 { * @exception InvalidKeyException key has a problem */ public void encodeAndSign(X500Name subject, PrivateKey key, String algorithm) - throws IOException, SignatureException, + throws SignatureException, NoSuchAlgorithmException, InvalidKeyException { DerOutputStream out, scratch; @@ -217,7 +217,7 @@ public class PKCS10 { scratch = new DerOutputStream(); scratch.putInteger(BigInteger.ZERO); // PKCS #10 v1.0 subject.encode(scratch); // X.500 name - scratch.write(subjectPublicKeyInfo.getEncoded()); // public key + scratch.writeBytes(subjectPublicKeyInfo.getEncoded()); // public key attributeSet.encode(scratch); out = new DerOutputStream(); diff --git a/src/java.base/share/classes/sun/security/pkcs10/PKCS10Attribute.java b/src/java.base/share/classes/sun/security/pkcs10/PKCS10Attribute.java index 054e0c5fd46..d01029a915f 100644 --- a/src/java.base/share/classes/sun/security/pkcs10/PKCS10Attribute.java +++ b/src/java.base/share/classes/sun/security/pkcs10/PKCS10Attribute.java @@ -102,13 +102,10 @@ public class PKCS10Attribute implements DerEncoder { * DER encode this object onto an output stream. * Implements the DerEncoder interface. * - * @param out - * the OutputStream on which to write the DER encoding. - * - * @exception IOException on encoding errors. + * @param out the DerOutputStream on which to write the DER encoding. */ @Override - public void encode(DerOutputStream out) throws IOException { + public void encode(DerOutputStream out) { PKCS9Attribute attr = new PKCS9Attribute(attributeId, attributeValue); attr.encode(out); } diff --git a/src/java.base/share/classes/sun/security/pkcs10/PKCS10Attributes.java b/src/java.base/share/classes/sun/security/pkcs10/PKCS10Attributes.java index 3a3348bb485..979c5eea00c 100644 --- a/src/java.base/share/classes/sun/security/pkcs10/PKCS10Attributes.java +++ b/src/java.base/share/classes/sun/security/pkcs10/PKCS10Attributes.java @@ -91,11 +91,10 @@ public class PKCS10Attributes implements DerEncoder { * Encode the attributes in DER form to the stream. * Implements the {@code DerEncoder} interface. * - * @param out the OutputStream to marshal the contents to. - * @exception IOException on encoding errors. + * @param out the DerOutputStream to marshal the contents to. */ @Override - public void encode(DerOutputStream out) throws IOException { + public void encode(DerOutputStream out) { // first copy the elements into an array Collection allAttrs = map.values(); PKCS10Attribute[] attribs = diff --git a/src/java.base/share/classes/sun/security/pkcs12/MacData.java b/src/java.base/share/classes/sun/security/pkcs12/MacData.java index 33c2a79af1f..9a712f28ccc 100644 --- a/src/java.base/share/classes/sun/security/pkcs12/MacData.java +++ b/src/java.base/share/classes/sun/security/pkcs12/MacData.java @@ -138,7 +138,7 @@ class MacData { * @exception IOException if error occurs when constructing its * ASN.1 encoding. */ - public byte[] getEncoded() throws NoSuchAlgorithmException, IOException + public byte[] getEncoded() throws NoSuchAlgorithmException { if (this.encoded != null) return this.encoded.clone(); diff --git a/src/java.base/share/classes/sun/security/pkcs12/PKCS12KeyStore.java b/src/java.base/share/classes/sun/security/pkcs12/PKCS12KeyStore.java index 527893abaa2..253301223c5 100644 --- a/src/java.base/share/classes/sun/security/pkcs12/PKCS12KeyStore.java +++ b/src/java.base/share/classes/sun/security/pkcs12/PKCS12KeyStore.java @@ -829,38 +829,6 @@ public final class PKCS12KeyStore extends KeyStoreSpi { return algParams; } - /* - * parse Algorithm Parameters - */ - private AlgorithmParameters parseAlgParameters(ObjectIdentifier algorithm, - DerInputStream in) throws IOException - { - AlgorithmParameters algParams = null; - try { - DerValue params; - if (in.available() == 0) { - params = null; - } else { - params = in.getDerValue(); - if (params.tag == DerValue.tag_Null) { - params = null; - } - } - if (params != null) { - if (algorithm.equals(pbes2_OID)) { - algParams = AlgorithmParameters.getInstance("PBES2"); - } else { - algParams = AlgorithmParameters.getInstance("PBE"); - } - algParams.init(params.toByteArray()); - } - } catch (Exception e) { - throw new IOException("parseAlgParameters failed: " + - e.getMessage(), e); - } - return algParams; - } - /* * Generate PBE key */ @@ -1206,7 +1174,7 @@ public final class PKCS12KeyStore extends KeyStoreSpi { DerOutputStream version = new DerOutputStream(); version.putInteger(VERSION_3); byte[] pfxVersion = version.toByteArray(); - pfx.write(pfxVersion); + pfx.writeBytes(pfxVersion); // -- Create AuthSafe DerOutputStream authSafe = new DerOutputStream(); @@ -1247,7 +1215,7 @@ public final class PKCS12KeyStore extends KeyStoreSpi { // -- SEQUENCE of EncryptedData DerOutputStream encrData = new DerOutputStream(); encrData.putInteger(0); - encrData.write(encryptContent(certsData, password)); + encrData.writeBytes(encryptContent(certsData, password)); DerOutputStream encrDataContent = new DerOutputStream(); encrDataContent.write(DerValue.tag_Sequence, encrData); ContentInfo encrContentInfo = @@ -1269,7 +1237,7 @@ public final class PKCS12KeyStore extends KeyStoreSpi { ContentInfo contentInfo = new ContentInfo(authenticatedSafe); contentInfo.encode(authSafe); byte[] authSafeData = authSafe.toByteArray(); - pfx.write(authSafeData); + pfx.writeBytes(authSafeData); // -- MAC if (macAlgorithm == null) { @@ -1615,13 +1583,13 @@ public final class PKCS12KeyStore extends KeyStoreSpi { * add it, and assign it to the DN of the cert. */ private byte[] getBagAttributes(String alias, byte[] keyId, - Set attributes) throws IOException { + Set attributes) { return getBagAttributes(alias, keyId, null, attributes); } private byte[] getBagAttributes(String alias, byte[] keyId, ObjectIdentifier[] trustedUsage, - Set attributes) throws IOException { + Set attributes) { byte[] localKeyID = null; byte[] friendlyName = null; @@ -1675,13 +1643,13 @@ public final class PKCS12KeyStore extends KeyStoreSpi { DerOutputStream attrs = new DerOutputStream(); if (friendlyName != null) { - attrs.write(friendlyName); + attrs.writeBytes(friendlyName); } if (localKeyID != null) { - attrs.write(localKeyID); + attrs.writeBytes(localKeyID); } if (trustedKeyUsage != null) { - attrs.write(trustedKeyUsage); + attrs.writeBytes(trustedKeyUsage); } if (attributes != null) { @@ -1693,7 +1661,7 @@ public final class PKCS12KeyStore extends KeyStoreSpi { CORE_ATTRIBUTES[2].value().equals(attributeName)) { continue; } - attrs.write(((PKCS12Attribute) attribute).getEncoded()); + attrs.writeBytes(((PKCS12Attribute) attribute).getEncoded()); } } @@ -1706,9 +1674,7 @@ public final class PKCS12KeyStore extends KeyStoreSpi { * SafeBags of type CertBag. Each CertBag may include pkcs12 attributes * (see comments in getBagAttributes) */ - private byte[] getCertificateData() - throws CertificateException, IOException - { + private byte[] getCertificateData() throws CertificateException { DerOutputStream out = new DerOutputStream(); for (Enumeration e = engineAliases(); e.hasMoreElements(); ) { @@ -1750,7 +1716,7 @@ public final class PKCS12KeyStore extends KeyStoreSpi { // Wrap the CertBag encoding in a context-specific tag. DerOutputStream bagValue = new DerOutputStream(); - bagValue.write(certBagValue); + bagValue.writeBytes(certBagValue); // write SafeBag Value safeBag.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0), bagValue); @@ -1784,7 +1750,7 @@ public final class PKCS12KeyStore extends KeyStoreSpi { entry.attributes); } if (bagAttrs != null) { - safeBag.write(bagAttrs); + safeBag.writeBytes(bagAttrs); } // wrap as Sequence @@ -1836,7 +1802,7 @@ public final class PKCS12KeyStore extends KeyStoreSpi { // Wrap the EncryptedPrivateKeyInfo in a context-specific tag. DerOutputStream bagValue = new DerOutputStream(); - bagValue.write(encrInfo.getEncoded()); + bagValue.writeBytes(encrInfo.getEncoded()); safeBag.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0), bagValue); @@ -1863,7 +1829,7 @@ public final class PKCS12KeyStore extends KeyStoreSpi { // Wrap the secret bag in a context-specific tag. DerOutputStream bagValue = new DerOutputStream(); - bagValue.write(secretBagValue); + bagValue.writeBytes(secretBagValue); // Write SafeBag value safeBag.write(DerValue.createTag(DerValue.TAG_CONTEXT, @@ -1875,7 +1841,7 @@ public final class PKCS12KeyStore extends KeyStoreSpi { // write SafeBag Attributes byte[] bagAttrs = getBagAttributes(alias, entry.keyId, entry.attributes); - safeBag.write(bagAttrs); + safeBag.writeBytes(bagAttrs); // wrap as Sequence out.write(DerValue.tag_Sequence, safeBag); @@ -1931,7 +1897,7 @@ public final class PKCS12KeyStore extends KeyStoreSpi { // create EncryptedContentInfo DerOutputStream bytes2 = new DerOutputStream(); bytes2.putOID(ContentInfo.DATA_OID); - bytes2.write(encodedAlgId); + bytes2.writeBytes(encodedAlgId); // Wrap encrypted data in a context-specific tag. DerOutputStream tmpout2 = new DerOutputStream(); diff --git a/src/java.base/share/classes/sun/security/provider/DSA.java b/src/java.base/share/classes/sun/security/provider/DSA.java index 5abe3674d13..4f3348196e1 100644 --- a/src/java.base/share/classes/sun/security/provider/DSA.java +++ b/src/java.base/share/classes/sun/security/provider/DSA.java @@ -260,18 +260,13 @@ abstract class DSA extends SignatureSpi { return outseq; } else { // Return the DER-encoded ASN.1 form - try { - DerOutputStream outseq = new DerOutputStream(100); - outseq.putInteger(r); - outseq.putInteger(s); - DerValue result = new DerValue(DerValue.tag_Sequence, - outseq.toByteArray()); + DerOutputStream outseq = new DerOutputStream(100); + outseq.putInteger(r); + outseq.putInteger(s); + DerValue result = new DerValue(DerValue.tag_Sequence, + outseq.toByteArray()); - return result.toByteArray(); - - } catch (IOException e) { - throw new SignatureException("error encoding signature"); - } + return result.toByteArray(); } } diff --git a/src/java.base/share/classes/sun/security/provider/DSAPrivateKey.java b/src/java.base/share/classes/sun/security/provider/DSAPrivateKey.java index 61152283760..e34fd3a6af1 100644 --- a/src/java.base/share/classes/sun/security/provider/DSAPrivateKey.java +++ b/src/java.base/share/classes/sun/security/provider/DSAPrivateKey.java @@ -68,15 +68,11 @@ public final class DSAPrivateKey extends PKCS8Key this.x = x; algid = new AlgIdDSA(p, q, g); - try { - byte[] xbytes = x.toByteArray(); - DerValue val = new DerValue(DerValue.tag_Integer, xbytes); - key = val.toByteArray(); - val.clear(); - Arrays.fill(xbytes, (byte)0); - } catch (IOException e) { - throw new AssertionError("Should not happen", e); - } + byte[] xbytes = x.toByteArray(); + DerValue val = new DerValue(DerValue.tag_Integer, xbytes); + key = val.toByteArray(); + val.clear(); + Arrays.fill(xbytes, (byte)0); } /** diff --git a/src/java.base/share/classes/sun/security/provider/DSAPublicKey.java b/src/java.base/share/classes/sun/security/provider/DSAPublicKey.java index 00f9b629816..12a2f87e798 100644 --- a/src/java.base/share/classes/sun/security/provider/DSAPublicKey.java +++ b/src/java.base/share/classes/sun/security/provider/DSAPublicKey.java @@ -82,20 +82,14 @@ implements java.security.interfaces.DSAPublicKey, Serializable { * @param g DSA parameter g, may be null if all of p, q, and g are null. */ public DSAPublicKey(BigInteger y, BigInteger p, BigInteger q, - BigInteger g) - throws InvalidKeyException { + BigInteger g) { this.y = y; algid = new AlgIdDSA(p, q, g); - try { - byte[] keyArray = new DerValue(DerValue.tag_Integer, - y.toByteArray()).toByteArray(); - setKey(new BitArray(keyArray.length*8, keyArray)); - encode(); - } catch (IOException e) { - throw new InvalidKeyException("could not DER encode y: " + - e.getMessage()); - } + byte[] keyArray = new DerValue(DerValue.tag_Integer, + y.toByteArray()).toByteArray(); + setKey(new BitArray(keyArray.length*8, keyArray)); + encode(); } /** diff --git a/src/java.base/share/classes/sun/security/provider/KeyProtector.java b/src/java.base/share/classes/sun/security/provider/KeyProtector.java index da55b2b2f42..0faed9db737 100644 --- a/src/java.base/share/classes/sun/security/provider/KeyProtector.java +++ b/src/java.base/share/classes/sun/security/provider/KeyProtector.java @@ -205,14 +205,9 @@ final class KeyProtector { // wrap the protected private key in a PKCS#8-style // EncryptedPrivateKeyInfo, and returns its encoding - AlgorithmId encrAlg; - try { - encrAlg = new AlgorithmId(ObjectIdentifier.of - (KnownOIDs.JAVASOFT_JDKKeyProtector)); - return new EncryptedPrivateKeyInfo(encrAlg,encrKey).getEncoded(); - } catch (IOException ioe) { - throw new KeyStoreException(ioe.getMessage()); - } + AlgorithmId encrAlg = new AlgorithmId(ObjectIdentifier.of + (KnownOIDs.JAVASOFT_JDKKeyProtector)); + return new EncryptedPrivateKeyInfo(encrAlg,encrKey).getEncoded(); } /* diff --git a/src/java.base/share/classes/sun/security/provider/certpath/CertId.java b/src/java.base/share/classes/sun/security/provider/certpath/CertId.java index c310bfb9efd..c3f6d39ba36 100644 --- a/src/java.base/share/classes/sun/security/provider/certpath/CertId.java +++ b/src/java.base/share/classes/sun/security/provider/certpath/CertId.java @@ -55,7 +55,7 @@ import sun.security.util.*; * @author Ram Marti */ -public class CertId { +public class CertId implements DerEncoder { private static final boolean debug = false; private static final AlgorithmId SHA1_ALGID @@ -154,7 +154,8 @@ public class CertId { * Encode the CertId using ASN.1 DER. * The hash algorithm used is SHA-1. */ - public void encode(DerOutputStream out) throws IOException { + @Override + public void encode(DerOutputStream out) { DerOutputStream tmp = new DerOutputStream(); hashAlgId.encode(tmp); diff --git a/src/java.base/share/classes/sun/security/rsa/RSAPrivateCrtKeyImpl.java b/src/java.base/share/classes/sun/security/rsa/RSAPrivateCrtKeyImpl.java index 36d5ef6fdef..86e063f95cd 100644 --- a/src/java.base/share/classes/sun/security/rsa/RSAPrivateCrtKeyImpl.java +++ b/src/java.base/share/classes/sun/security/rsa/RSAPrivateCrtKeyImpl.java @@ -199,49 +199,44 @@ public final class RSAPrivateCrtKeyImpl this.type = type; this.keyParams = keyParams; - try { - byte[][] nbytes = new byte[8][]; - nbytes[0] = n.toByteArray(); - nbytes[1] = e.toByteArray(); - nbytes[2] = d.toByteArray(); - nbytes[3] = p.toByteArray(); - nbytes[4] = q.toByteArray(); - nbytes[5] = pe.toByteArray(); - nbytes[6] = qe.toByteArray(); - nbytes[7] = coeff.toByteArray(); + byte[][] nbytes = new byte[8][]; + nbytes[0] = n.toByteArray(); + nbytes[1] = e.toByteArray(); + nbytes[2] = d.toByteArray(); + nbytes[3] = p.toByteArray(); + nbytes[4] = q.toByteArray(); + nbytes[5] = pe.toByteArray(); + nbytes[6] = qe.toByteArray(); + nbytes[7] = coeff.toByteArray(); - // Initiate with a big enough size so there's no need to - // reallocate memory later and thus can be cleaned up - // reliably. - DerOutputStream out = new DerOutputStream( - nbytes[0].length + nbytes[1].length + - nbytes[2].length + nbytes[3].length + - nbytes[4].length + nbytes[5].length + - nbytes[6].length + nbytes[7].length + - 100); // Enough for version(3) and 8 tag+length(3 or 4) - out.putInteger(0); // version must be 0 - out.putInteger(nbytes[0]); - out.putInteger(nbytes[1]); - out.putInteger(nbytes[2]); - out.putInteger(nbytes[3]); - out.putInteger(nbytes[4]); - out.putInteger(nbytes[5]); - out.putInteger(nbytes[6]); - out.putInteger(nbytes[7]); - // Private values from [2] on. - Arrays.fill(nbytes[2], (byte)0); - Arrays.fill(nbytes[3], (byte)0); - Arrays.fill(nbytes[4], (byte)0); - Arrays.fill(nbytes[5], (byte)0); - Arrays.fill(nbytes[6], (byte)0); - Arrays.fill(nbytes[7], (byte)0); - DerValue val = DerValue.wrap(DerValue.tag_Sequence, out); - key = val.toByteArray(); - val.clear(); - } catch (IOException exc) { - // should never occur - throw new InvalidKeyException(exc); - } + // Initiate with a big enough size so there's no need to + // reallocate memory later and thus can be cleaned up + // reliably. + DerOutputStream out = new DerOutputStream( + nbytes[0].length + nbytes[1].length + + nbytes[2].length + nbytes[3].length + + nbytes[4].length + nbytes[5].length + + nbytes[6].length + nbytes[7].length + + 100); // Enough for version(3) and 8 tag+length(3 or 4) + out.putInteger(0); // version must be 0 + out.putInteger(nbytes[0]); + out.putInteger(nbytes[1]); + out.putInteger(nbytes[2]); + out.putInteger(nbytes[3]); + out.putInteger(nbytes[4]); + out.putInteger(nbytes[5]); + out.putInteger(nbytes[6]); + out.putInteger(nbytes[7]); + // Private values from [2] on. + Arrays.fill(nbytes[2], (byte) 0); + Arrays.fill(nbytes[3], (byte) 0); + Arrays.fill(nbytes[4], (byte) 0); + Arrays.fill(nbytes[5], (byte) 0); + Arrays.fill(nbytes[6], (byte) 0); + Arrays.fill(nbytes[7], (byte) 0); + DerValue val = DerValue.wrap(DerValue.tag_Sequence, out); + key = val.toByteArray(); + val.clear(); } // see JCA doc diff --git a/src/java.base/share/classes/sun/security/rsa/RSAPrivateKeyImpl.java b/src/java.base/share/classes/sun/security/rsa/RSAPrivateKeyImpl.java index efb3258a149..7285fce33a2 100644 --- a/src/java.base/share/classes/sun/security/rsa/RSAPrivateKeyImpl.java +++ b/src/java.base/share/classes/sun/security/rsa/RSAPrivateKeyImpl.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2021, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2022, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,7 +25,6 @@ package sun.security.rsa; -import java.io.IOException; import java.math.BigInteger; import java.security.*; @@ -89,31 +88,26 @@ public final class RSAPrivateKeyImpl extends PKCS8Key implements RSAPrivateKey { this.type = type; this.keyParams = keyParams; - try { - // generate the key encoding - byte[] nbytes = n.toByteArray(); - byte[] dbytes = d.toByteArray(); - DerOutputStream out = new DerOutputStream( - nbytes.length + dbytes.length + 50); - // Enough for 7 zeroes (21) and 2 tag+length(4) - out.putInteger(0); // version must be 0 - out.putInteger(nbytes); - Arrays.fill(nbytes, (byte)0); - out.putInteger(0); - out.putInteger(dbytes); - Arrays.fill(dbytes, (byte)0); - out.putInteger(0); - out.putInteger(0); - out.putInteger(0); - out.putInteger(0); - out.putInteger(0); - DerValue val = DerValue.wrap(DerValue.tag_Sequence, out); - key = val.toByteArray(); - val.clear(); - } catch (IOException exc) { - // should never occur - throw new InvalidKeyException(exc); - } + // generate the key encoding + byte[] nbytes = n.toByteArray(); + byte[] dbytes = d.toByteArray(); + DerOutputStream out = new DerOutputStream( + nbytes.length + dbytes.length + 50); + // Enough for 7 zeroes (21) and 2 tag+length(4) + out.putInteger(0); // version must be 0 + out.putInteger(nbytes); + Arrays.fill(nbytes, (byte) 0); + out.putInteger(0); + out.putInteger(dbytes); + Arrays.fill(dbytes, (byte) 0); + out.putInteger(0); + out.putInteger(0); + out.putInteger(0); + out.putInteger(0); + out.putInteger(0); + DerValue val = DerValue.wrap(DerValue.tag_Sequence, out); + key = val.toByteArray(); + val.clear(); } // see JCA doc diff --git a/src/java.base/share/classes/sun/security/rsa/RSAPublicKeyImpl.java b/src/java.base/share/classes/sun/security/rsa/RSAPublicKeyImpl.java index 59c3f816e2e..0cff2f6768c 100644 --- a/src/java.base/share/classes/sun/security/rsa/RSAPublicKeyImpl.java +++ b/src/java.base/share/classes/sun/security/rsa/RSAPublicKeyImpl.java @@ -126,19 +126,14 @@ public final class RSAPublicKeyImpl extends X509Key implements RSAPublicKey { this.type = type; this.keyParams = keyParams; - try { - // generate the key encoding - DerOutputStream out = new DerOutputStream(); - out.putInteger(n); - out.putInteger(e); - byte[] keyArray = + // generate the key encoding + DerOutputStream out = new DerOutputStream(); + out.putInteger(n); + out.putInteger(e); + byte[] keyArray = new DerValue(DerValue.tag_Sequence, - out.toByteArray()).toByteArray(); - setKey(new BitArray(keyArray.length*8, keyArray)); - } catch (IOException exc) { - // should never occur - throw new InvalidKeyException(exc); - } + out.toByteArray()).toByteArray(); + setKey(new BitArray(keyArray.length * 8, keyArray)); } /** diff --git a/src/java.base/share/classes/sun/security/rsa/RSASignature.java b/src/java.base/share/classes/sun/security/rsa/RSASignature.java index 2f09ee3c0a0..b5ef4043257 100644 --- a/src/java.base/share/classes/sun/security/rsa/RSASignature.java +++ b/src/java.base/share/classes/sun/security/rsa/RSASignature.java @@ -193,8 +193,6 @@ abstract class RSASignature extends SignatureSpi { return RSACore.rsa(padded, privateKey, true); } catch (GeneralSecurityException e) { throw new SignatureException("Could not sign data", e); - } catch (IOException e) { - throw new SignatureException("Could not encode data", e); } } diff --git a/src/java.base/share/classes/sun/security/rsa/RSAUtil.java b/src/java.base/share/classes/sun/security/rsa/RSAUtil.java index 4d78d905fbd..93f5d2f215e 100644 --- a/src/java.base/share/classes/sun/security/rsa/RSAUtil.java +++ b/src/java.base/share/classes/sun/security/rsa/RSAUtil.java @@ -170,8 +170,7 @@ public class RSAUtil { * Encode the digest, return the to-be-signed data. * Also used by the PKCS#11 provider. */ - public static byte[] encodeSignature(ObjectIdentifier oid, byte[] digest) - throws IOException { + public static byte[] encodeSignature(ObjectIdentifier oid, byte[] digest) { DerOutputStream out = new DerOutputStream(); new AlgorithmId(oid).encode(out); out.putOctetString(digest); diff --git a/src/java.base/share/classes/sun/security/util/DerEncoder.java b/src/java.base/share/classes/sun/security/util/DerEncoder.java index 8607b466885..c1fd09c246c 100644 --- a/src/java.base/share/classes/sun/security/util/DerEncoder.java +++ b/src/java.base/share/classes/sun/security/util/DerEncoder.java @@ -25,8 +25,6 @@ package sun.security.util; -import java.io.IOException; - /** * Interface to an object that knows how to write its own DER * encoding to an output stream. @@ -40,7 +38,6 @@ public interface DerEncoder { * * @param out the stream on which the DER encoding is written. */ - void encode(DerOutputStream out) - throws IOException; + void encode(DerOutputStream out); } diff --git a/src/java.base/share/classes/sun/security/util/DerOutputStream.java b/src/java.base/share/classes/sun/security/util/DerOutputStream.java index 5a6af8de2e6..4c85cb7e604 100644 --- a/src/java.base/share/classes/sun/security/util/DerOutputStream.java +++ b/src/java.base/share/classes/sun/security/util/DerOutputStream.java @@ -26,7 +26,6 @@ package sun.security.util; import java.io.ByteArrayOutputStream; -import java.io.IOException; import java.math.BigInteger; import java.nio.charset.Charset; import java.text.SimpleDateFormat; @@ -55,8 +54,8 @@ import static java.nio.charset.StandardCharsets.UTF_8; * @author Amit Kapoor * @author Hemma Prafullchandra */ -public class DerOutputStream -extends ByteArrayOutputStream implements DerEncoder { +public final class DerOutputStream + extends ByteArrayOutputStream implements DerEncoder { /** * Construct a DER output stream. * @@ -78,10 +77,10 @@ extends ByteArrayOutputStream implements DerEncoder { * DerValue.tag_Sequence * @param buf buffered data, which must be DER-encoded */ - public DerOutputStream write(byte tag, byte[] buf) throws IOException { + public DerOutputStream write(byte tag, byte[] buf) { write(tag); putLength(buf.length); - write(buf, 0, buf.length); + writeBytes(buf); return this; } @@ -94,7 +93,7 @@ extends ByteArrayOutputStream implements DerEncoder { * DerValue.tag_Sequence * @param out buffered data */ - public DerOutputStream write(byte tag, DerOutputStream out) throws IOException { + public DerOutputStream write(byte tag, DerOutputStream out) { write(tag); putLength(out.count); write(out.buf, 0, out.count); @@ -118,8 +117,7 @@ extends ByteArrayOutputStream implements DerEncoder { * explicit tagging the form is always constructed. * @param value original value being implicitly tagged */ - public DerOutputStream writeImplicit(byte tag, DerOutputStream value) - throws IOException { + public DerOutputStream writeImplicit(byte tag, DerOutputStream value) { write(tag); write(value.buf, 1, value.count-1); return this; @@ -128,7 +126,7 @@ extends ByteArrayOutputStream implements DerEncoder { /** * Marshals pre-encoded DER value onto the output stream. */ - public DerOutputStream putDerValue(DerValue val) throws IOException { + public DerOutputStream putDerValue(DerValue val) { val.encode(this); return this; } @@ -144,7 +142,7 @@ extends ByteArrayOutputStream implements DerEncoder { /** * Marshals a DER boolean on the output stream. */ - public DerOutputStream putBoolean(boolean val) throws IOException { + public DerOutputStream putBoolean(boolean val) { write(DerValue.tag_Boolean); putLength(1); if (val) { @@ -159,7 +157,7 @@ extends ByteArrayOutputStream implements DerEncoder { * Marshals a DER enumerated on the output stream. * @param i the enumerated value. */ - public DerOutputStream putEnumerated(int i) throws IOException { + public DerOutputStream putEnumerated(int i) { write(DerValue.tag_Enumerated); putIntegerContents(i); return this; @@ -170,11 +168,11 @@ extends ByteArrayOutputStream implements DerEncoder { * * @param i the integer in the form of a BigInteger. */ - public DerOutputStream putInteger(BigInteger i) throws IOException { + public DerOutputStream putInteger(BigInteger i) { write(DerValue.tag_Integer); byte[] buf = i.toByteArray(); // least number of bytes putLength(buf.length); - write(buf, 0, buf.length); + writeBytes(buf); return this; } @@ -183,10 +181,10 @@ extends ByteArrayOutputStream implements DerEncoder { * * @param buf the integer in bytes, equivalent to BigInteger::toByteArray. */ - public DerOutputStream putInteger(byte[] buf) throws IOException { + public DerOutputStream putInteger(byte[] buf) { write(DerValue.tag_Integer); putLength(buf.length); - write(buf, 0, buf.length); + writeBytes(buf); return this; } @@ -194,7 +192,7 @@ extends ByteArrayOutputStream implements DerEncoder { * Marshals a DER integer on the output stream. * @param i the integer in the form of an Integer. */ - public DerOutputStream putInteger(Integer i) throws IOException { + public DerOutputStream putInteger(Integer i) { return putInteger(i.intValue()); } @@ -202,13 +200,13 @@ extends ByteArrayOutputStream implements DerEncoder { * Marshals a DER integer on the output stream. * @param i the integer. */ - public DerOutputStream putInteger(int i) throws IOException { + public DerOutputStream putInteger(int i) { write(DerValue.tag_Integer); putIntegerContents(i); return this; } - private void putIntegerContents(int i) throws IOException { + private void putIntegerContents(int i) { byte[] bytes = new byte[4]; int start = 0; @@ -258,11 +256,11 @@ extends ByteArrayOutputStream implements DerEncoder { * * @param bits the bit string, MSB first */ - public DerOutputStream putBitString(byte[] bits) throws IOException { + public DerOutputStream putBitString(byte[] bits) { write(DerValue.tag_BitString); putLength(bits.length + 1); write(0); // all of last octet is used - write(bits); + writeBytes(bits); return this; } @@ -272,13 +270,13 @@ extends ByteArrayOutputStream implements DerEncoder { * * @param ba the bit string, MSB first */ - public DerOutputStream putUnalignedBitString(BitArray ba) throws IOException { + public DerOutputStream putUnalignedBitString(BitArray ba) { byte[] bits = ba.toByteArray(); write(DerValue.tag_BitString); putLength(bits.length + 1); write(bits.length*8 - ba.length()); // excess bits in last octet - write(bits); + writeBytes(bits); return this; } @@ -288,7 +286,7 @@ extends ByteArrayOutputStream implements DerEncoder { * * @param ba the bit string, MSB first */ - public DerOutputStream putTruncatedUnalignedBitString(BitArray ba) throws IOException { + public DerOutputStream putTruncatedUnalignedBitString(BitArray ba) { return putUnalignedBitString(ba.truncate()); } @@ -297,7 +295,7 @@ extends ByteArrayOutputStream implements DerEncoder { * * @param octets the octet string */ - public DerOutputStream putOctetString(byte[] octets) throws IOException { + public DerOutputStream putOctetString(byte[] octets) { return write(DerValue.tag_OctetString, octets); } @@ -305,7 +303,7 @@ extends ByteArrayOutputStream implements DerEncoder { * Marshals a DER "null" value on the output stream. These are * often used to indicate optional values which have been omitted. */ - public DerOutputStream putNull() throws IOException { + public DerOutputStream putNull() { write(DerValue.tag_Null); putLength(0); return this; @@ -315,7 +313,7 @@ extends ByteArrayOutputStream implements DerEncoder { * Marshals an object identifier (OID) on the output stream. * Corresponds to the ASN.1 "OBJECT IDENTIFIER" construct. */ - public DerOutputStream putOID(ObjectIdentifier oid) throws IOException { + public DerOutputStream putOID(ObjectIdentifier oid) { oid.encode(this); return this; } @@ -325,7 +323,7 @@ extends ByteArrayOutputStream implements DerEncoder { * the ASN.1 "SEQUENCE" (zero to N values) and "SEQUENCE OF" * (one to N values) constructs. */ - public DerOutputStream putSequence(DerValue[] seq) throws IOException { + public DerOutputStream putSequence(DerValue[] seq) { DerOutputStream bytes = new DerOutputStream(); int i; @@ -342,7 +340,7 @@ extends ByteArrayOutputStream implements DerEncoder { * * For DER encoding, use orderedPutSet() or orderedPutSetOf(). */ - public DerOutputStream putSet(DerValue[] set) throws IOException { + public DerOutputStream putSet(DerValue[] set) { DerOutputStream bytes = new DerOutputStream(); int i; @@ -362,7 +360,7 @@ extends ByteArrayOutputStream implements DerEncoder { * This method supports the ASN.1 "SET OF" construct, but not * "SET", which uses a different order. */ - public DerOutputStream putOrderedSetOf(byte tag, DerEncoder[] set) throws IOException { + public DerOutputStream putOrderedSetOf(byte tag, DerEncoder[] set) { return putOrderedSet(tag, set, lexOrder); } @@ -376,7 +374,7 @@ extends ByteArrayOutputStream implements DerEncoder { * This method supports the ASN.1 "SET" construct, but not * "SET OF", which uses a different order. */ - public DerOutputStream putOrderedSet(byte tag, DerEncoder[] set) throws IOException { + public DerOutputStream putOrderedSet(byte tag, DerEncoder[] set) { return putOrderedSet(tag, set, tagOrder); } @@ -399,7 +397,7 @@ extends ByteArrayOutputStream implements DerEncoder { * @param order the order to use when sorting encodings of components. */ private DerOutputStream putOrderedSet(byte tag, DerEncoder[] set, - Comparator order) throws IOException { + Comparator order) { DerOutputStream[] streams = new DerOutputStream[set.length]; for (int i = 0; i < set.length; i++) { @@ -416,7 +414,7 @@ extends ByteArrayOutputStream implements DerEncoder { DerOutputStream bytes = new DerOutputStream(); for (int i = 0; i < streams.length; i++) { - bytes.write(bufs[i]); + bytes.writeBytes(bufs[i]); } return write(tag, bytes); } @@ -424,21 +422,21 @@ extends ByteArrayOutputStream implements DerEncoder { /** * Marshals a string as a DER encoded UTF8String. */ - public DerOutputStream putUTF8String(String s) throws IOException { + public DerOutputStream putUTF8String(String s) { return writeString(s, DerValue.tag_UTF8String, UTF_8); } /** * Marshals a string as a DER encoded PrintableString. */ - public DerOutputStream putPrintableString(String s) throws IOException { + public DerOutputStream putPrintableString(String s) { return writeString(s, DerValue.tag_PrintableString, US_ASCII); } /** * Marshals a string as a DER encoded T61String. */ - public DerOutputStream putT61String(String s) throws IOException { + public DerOutputStream putT61String(String s) { /* * Works for characters that are defined in both ASCII and * T61. @@ -449,21 +447,21 @@ extends ByteArrayOutputStream implements DerEncoder { /** * Marshals a string as a DER encoded IA5String. */ - public DerOutputStream putIA5String(String s) throws IOException { + public DerOutputStream putIA5String(String s) { return writeString(s, DerValue.tag_IA5String, US_ASCII); } /** * Marshals a string as a DER encoded BMPString. */ - public DerOutputStream putBMPString(String s) throws IOException { + public DerOutputStream putBMPString(String s) { return writeString(s, DerValue.tag_BMPString, UTF_16BE); } /** * Marshals a string as a DER encoded GeneralString. */ - public DerOutputStream putGeneralString(String s) throws IOException { + public DerOutputStream putGeneralString(String s) { return writeString(s, DerValue.tag_GeneralString, US_ASCII); } @@ -475,13 +473,12 @@ extends ByteArrayOutputStream implements DerEncoder { * @param charset the charset that should be used corresponding to * the above tag. */ - private DerOutputStream writeString(String s, byte stringTag, Charset charset) - throws IOException { + private DerOutputStream writeString(String s, byte stringTag, Charset charset) { byte[] data = s.getBytes(charset); write(stringTag); putLength(data.length); - write(data); + writeBytes(data); return this; } @@ -491,7 +488,7 @@ extends ByteArrayOutputStream implements DerEncoder { *

YYMMDDhhmmss{Z|+hhmm|-hhmm} ... emits only using Zulu time * and with seconds (even if seconds=0) as per RFC 5280. */ - public DerOutputStream putUTCTime(Date d) throws IOException { + public DerOutputStream putUTCTime(Date d) { return putTime(d, DerValue.tag_UtcTime); } @@ -501,7 +498,7 @@ extends ByteArrayOutputStream implements DerEncoder { *

YYYYMMDDhhmmss{Z|+hhmm|-hhmm} ... emits only using Zulu time * and with seconds (even if seconds=0) as per RFC 5280. */ - public DerOutputStream putGeneralizedTime(Date d) throws IOException { + public DerOutputStream putGeneralizedTime(Date d) { return putTime(d, DerValue.tag_GeneralizedTime); } @@ -512,7 +509,7 @@ extends ByteArrayOutputStream implements DerEncoder { * @param d the date to be marshalled * @param tag the tag for UTC Time or Generalized Time */ - private DerOutputStream putTime(Date d, byte tag) throws IOException { + private DerOutputStream putTime(Date d, byte tag) { /* * Format the date. @@ -538,7 +535,7 @@ extends ByteArrayOutputStream implements DerEncoder { write(tag); putLength(time.length); - write(time); + writeBytes(time); return this; } @@ -546,9 +543,8 @@ extends ByteArrayOutputStream implements DerEncoder { * Put the encoding of the length in the stream. * * @param len the length of the attribute. - * @exception IOException on writing errors. */ - public void putLength(int len) throws IOException { + public void putLength(int len) { if (len < 128) { write((byte)len); @@ -579,20 +575,17 @@ extends ByteArrayOutputStream implements DerEncoder { /** * Write the current contents of this DerOutputStream * to an OutputStream. - * - * @exception IOException on output error. */ @Override - public void encode(DerOutputStream out) throws IOException { - out.write(toByteArray()); + public void encode(DerOutputStream out) { + out.writeBytes(toByteArray()); } /** * Write a DerEncoder onto the output stream. * @param encoder the DerEncoder - * @throws IOException on output error */ - public DerOutputStream write(DerEncoder encoder) throws IOException { + public DerOutputStream write(DerEncoder encoder) { encoder.encode(this); return this; } diff --git a/src/java.base/share/classes/sun/security/util/DerValue.java b/src/java.base/share/classes/sun/security/util/DerValue.java index 6dd432721b9..90c73d12b27 100644 --- a/src/java.base/share/classes/sun/security/util/DerValue.java +++ b/src/java.base/share/classes/sun/security/util/DerValue.java @@ -493,7 +493,7 @@ public class DerValue { /** * Encode an ASN1/DER encoded datum onto a DER output stream. */ - public void encode(DerOutputStream out) throws IOException { + public void encode(DerOutputStream out) { out.write(tag); out.putLength(end - start); out.write(buffer, start, end - start); @@ -774,7 +774,7 @@ public class DerValue { * Helper routine to return all the bytes contained in the * DerInputStream associated with this object. */ - public byte[] getDataBytes() throws IOException { + public byte[] getDataBytes() { data.pos = data.end; // Compatibility. Reach end. return Arrays.copyOfRange(buffer, start, end); } @@ -1133,7 +1133,7 @@ public class DerValue { * * @return DER-encoded value, including tag and length. */ - public byte[] toByteArray() throws IOException { + public byte[] toByteArray() { data.pos = data.start; // Compatibility. At head. // Minimize content duplication by writing out tag and length only DerOutputStream out = new DerOutputStream(); diff --git a/src/java.base/share/classes/sun/security/util/NamedCurve.java b/src/java.base/share/classes/sun/security/util/NamedCurve.java index b4f128b0bd6..68a92f51cf9 100644 --- a/src/java.base/share/classes/sun/security/util/NamedCurve.java +++ b/src/java.base/share/classes/sun/security/util/NamedCurve.java @@ -25,7 +25,6 @@ package sun.security.util; -import java.io.IOException; import java.math.BigInteger; import java.security.spec.ECParameterSpec; import java.security.spec.ECPoint; @@ -59,11 +58,7 @@ public final class NamedCurve extends ECParameterSpec { this.oid = ko.value(); DerOutputStream out = new DerOutputStream(); - try { - out.putOID(ObjectIdentifier.of(ko)); - } catch (IOException e) { - throw new RuntimeException("Internal error", e); - } + out.putOID(ObjectIdentifier.of(ko)); encoded = out.toByteArray(); } diff --git a/src/java.base/share/classes/sun/security/util/ObjectIdentifier.java b/src/java.base/share/classes/sun/security/util/ObjectIdentifier.java index d1dde735a7e..6181bf223e9 100644 --- a/src/java.base/share/classes/sun/security/util/ObjectIdentifier.java +++ b/src/java.base/share/classes/sun/security/util/ObjectIdentifier.java @@ -324,7 +324,7 @@ public final class ObjectIdentifier implements Serializable { /* * n.b. the only public interface is DerOutputStream.putOID() */ - void encode(DerOutputStream out) throws IOException { + void encode(DerOutputStream out) { out.write (DerValue.tag_ObjectId, encoding); } diff --git a/src/java.base/share/classes/sun/security/x509/AVA.java b/src/java.base/share/classes/sun/security/x509/AVA.java index 0c4a97cd3ca..236c78669e3 100644 --- a/src/java.base/share/classes/sun/security/x509/AVA.java +++ b/src/java.base/share/classes/sun/security/x509/AVA.java @@ -620,14 +620,11 @@ public class AVA implements DerEncoder { * DER encode this object onto an output stream. * Implements the DerEncoder interface. * - * @param out - * the output stream on which to write the DER encoding. - * - * @exception IOException on encoding error. + * @param out the output stream on which to write the DER encoding. */ @Override - public void encode(DerOutputStream out) throws IOException { - DerOutputStream tmp = new DerOutputStream(); + public void encode(DerOutputStream out) { + DerOutputStream tmp = new DerOutputStream(); tmp.putOID(oid); value.encode(tmp); @@ -705,12 +702,7 @@ public class AVA implements DerEncoder { if ((typeAndValue.charAt(0) >= '0' && typeAndValue.charAt(0) <= '9') || !isDerString(value, false)) { - byte[] data; - try { - data = value.toByteArray(); - } catch (IOException ie) { - throw new IllegalArgumentException("DER Value conversion"); - } + byte[] data = value.toByteArray(); typeAndValue.append('#'); HexFormat.of().formatHex(typeAndValue, data); } else { @@ -722,12 +714,7 @@ public class AVA implements DerEncoder { * NOTE: this implementation only emits DirectoryStrings of the * types returned by isDerString(). */ - String valStr; - try { - valStr = new String(value.getDataBytes(), UTF_8); - } catch (IOException ie) { - throw new IllegalArgumentException("DER Value conversion"); - } + String valStr = new String(value.getDataBytes(), UTF_8); /* * 2.4 (cont): If the UTF-8 string does not have any of the @@ -840,12 +827,7 @@ public class AVA implements DerEncoder { if ((typeAndValue.charAt(0) >= '0' && typeAndValue.charAt(0) <= '9') || !isDerString(value, true)) { - byte[] data; - try { - data = value.toByteArray(); - } catch (IOException ie) { - throw new IllegalArgumentException("DER Value conversion"); - } + byte[] data = value.toByteArray(); typeAndValue.append('#'); HexFormat.of().formatHex(typeAndValue, data); } else { @@ -857,12 +839,7 @@ public class AVA implements DerEncoder { * NOTE: this implementation only emits DirectoryStrings of the * types returned by isDerString(). */ - String valStr; - try { - valStr = new String(value.getDataBytes(), UTF_8); - } catch (IOException ie) { - throw new IllegalArgumentException("DER Value conversion"); - } + String valStr = new String(value.getDataBytes(), UTF_8); /* * 2.4 (cont): If the UTF-8 string does not have any of the diff --git a/src/java.base/share/classes/sun/security/x509/AccessDescription.java b/src/java.base/share/classes/sun/security/x509/AccessDescription.java index 7b59269fddd..30ff05101b8 100644 --- a/src/java.base/share/classes/sun/security/x509/AccessDescription.java +++ b/src/java.base/share/classes/sun/security/x509/AccessDescription.java @@ -72,7 +72,7 @@ public final class AccessDescription { return accessLocation; } - public void encode(DerOutputStream out) throws IOException { + public void encode(DerOutputStream out) { DerOutputStream tmp = new DerOutputStream(); tmp.putOID(accessMethod); accessLocation.encode(tmp); diff --git a/src/java.base/share/classes/sun/security/x509/AlgorithmId.java b/src/java.base/share/classes/sun/security/x509/AlgorithmId.java index a1f542f1b03..f4bfa9822e5 100644 --- a/src/java.base/share/classes/sun/security/x509/AlgorithmId.java +++ b/src/java.base/share/classes/sun/security/x509/AlgorithmId.java @@ -153,13 +153,10 @@ public class AlgorithmId implements Serializable, DerEncoder { * DER encode this object onto an output stream. * Implements the DerEncoder interface. * - * @param out - * the output stream on which to write the DER encoding. - * - * @exception IOException on encoding error. + * @param out the output stream on which to write the DER encoding. */ @Override - public void encode(DerOutputStream out) throws IOException { + public void encode(DerOutputStream out) { DerOutputStream bytes = new DerOutputStream(); bytes.putOID(algid); @@ -220,7 +217,7 @@ public class AlgorithmId implements Serializable, DerEncoder { bytes.putNull(); } } else { - bytes.write(encodedParams); + bytes.writeBytes(encodedParams); } out.write(DerValue.tag_Sequence, bytes); } @@ -229,7 +226,7 @@ public class AlgorithmId implements Serializable, DerEncoder { /** * Returns the DER-encoded X.509 AlgorithmId as a byte array. */ - public final byte[] encode() throws IOException { + public final byte[] encode() { DerOutputStream out = new DerOutputStream(); encode(out); return out.toByteArray(); diff --git a/src/java.base/share/classes/sun/security/x509/AuthorityInfoAccessExtension.java b/src/java.base/share/classes/sun/security/x509/AuthorityInfoAccessExtension.java index a3df2cca80b..35b1ef094df 100644 --- a/src/java.base/share/classes/sun/security/x509/AuthorityInfoAccessExtension.java +++ b/src/java.base/share/classes/sun/security/x509/AuthorityInfoAccessExtension.java @@ -76,10 +76,9 @@ public class AuthorityInfoAccessExtension extends Extension { * * @param accessDescriptions the List of AccessDescription, * cannot be null or empty. - * @throws IOException on error */ public AuthorityInfoAccessExtension( - List accessDescriptions) throws IOException { + List accessDescriptions) { if (accessDescriptions == null || accessDescriptions.isEmpty()) { throw new IllegalArgumentException("accessDescriptions is null or empty"); } @@ -138,10 +137,9 @@ public class AuthorityInfoAccessExtension extends Extension { * Write the extension to the DerOutputStream. * * @param out the DerOutputStream to write the extension to. - * @exception IOException on encoding errors. */ @Override - public void encode(DerOutputStream out) throws IOException { + public void encode(DerOutputStream out) { if (this.extensionValue == null) { this.extensionId = PKIXExtensions.AuthInfoAccess_Id; this.critical = false; @@ -151,7 +149,7 @@ public class AuthorityInfoAccessExtension extends Extension { } // Encode this extension value - private void encodeThis() throws IOException { + private void encodeThis() { if (accessDescriptions.isEmpty()) { this.extensionValue = null; } else { diff --git a/src/java.base/share/classes/sun/security/x509/AuthorityKeyIdentifierExtension.java b/src/java.base/share/classes/sun/security/x509/AuthorityKeyIdentifierExtension.java index ffc3546faec..3fe5ade72ee 100644 --- a/src/java.base/share/classes/sun/security/x509/AuthorityKeyIdentifierExtension.java +++ b/src/java.base/share/classes/sun/security/x509/AuthorityKeyIdentifierExtension.java @@ -65,7 +65,7 @@ public class AuthorityKeyIdentifierExtension extends Extension { private SerialNumber serialNum = null; // Encode only the extension value - private void encodeThis() throws IOException { + private void encodeThis() { if (id == null && names == null && serialNum == null) { this.extensionValue = null; return; @@ -78,15 +78,11 @@ public class AuthorityKeyIdentifierExtension extends Extension { tmp.writeImplicit(DerValue.createTag(DerValue.TAG_CONTEXT, false, TAG_ID), tmp1); } - try { - if (names != null) { - DerOutputStream tmp1 = new DerOutputStream(); - names.encode(tmp1); - tmp.writeImplicit(DerValue.createTag(DerValue.TAG_CONTEXT, - true, TAG_NAMES), tmp1); - } - } catch (Exception e) { - throw new IOException(e.toString()); + if (names != null) { + DerOutputStream tmp1 = new DerOutputStream(); + names.encode(tmp1); + tmp.writeImplicit(DerValue.createTag(DerValue.TAG_CONTEXT, + true, TAG_NAMES), tmp1); } if (serialNum != null) { DerOutputStream tmp1 = new DerOutputStream(); @@ -106,11 +102,9 @@ public class AuthorityKeyIdentifierExtension extends Extension { * @param names the GeneralNames associated with this extension * @param sn the CertificateSerialNumber associated with * this extension. - * @exception IOException on error. */ public AuthorityKeyIdentifierExtension(KeyIdentifier kid, GeneralNames names, - SerialNumber sn) - throws IOException { + SerialNumber sn) { if (kid == null && names == null && sn == null) { throw new IllegalArgumentException( "AuthorityKeyIdentifierExtension cannot be empty"); @@ -205,10 +199,9 @@ public class AuthorityKeyIdentifierExtension extends Extension { * Write the extension to the OutputStream. * * @param out the DerOutputStream to write the extension to. - * @exception IOException on error. */ @Override - public void encode(DerOutputStream out) throws IOException { + public void encode(DerOutputStream out) { if (this.extensionValue == null) { extensionId = PKIXExtensions.AuthorityKey_Id; critical = false; diff --git a/src/java.base/share/classes/sun/security/x509/BasicConstraintsExtension.java b/src/java.base/share/classes/sun/security/x509/BasicConstraintsExtension.java index 1e2e452e5ac..c6d73fbfafa 100644 --- a/src/java.base/share/classes/sun/security/x509/BasicConstraintsExtension.java +++ b/src/java.base/share/classes/sun/security/x509/BasicConstraintsExtension.java @@ -56,7 +56,7 @@ public class BasicConstraintsExtension extends Extension { private int pathLen = -1; // Encode this extension value - private void encodeThis() throws IOException { + private void encodeThis() { DerOutputStream out = new DerOutputStream(); DerOutputStream tmp = new DerOutputStream(); @@ -78,7 +78,7 @@ public class BasicConstraintsExtension extends Extension { * @param ca true, if the subject of the Certificate is a CA. * @param len specifies the depth of the certification path. */ - public BasicConstraintsExtension(boolean ca, int len) throws IOException { + public BasicConstraintsExtension(boolean ca, int len) { this(Boolean.valueOf(ca), ca, len); } @@ -89,8 +89,7 @@ public class BasicConstraintsExtension extends Extension { * @param ca true, if the subject of the Certificate is a CA. * @param len specifies the depth of the certification path. */ - public BasicConstraintsExtension(Boolean critical, boolean ca, int len) - throws IOException { + public BasicConstraintsExtension(Boolean critical, boolean ca, int len) { this.ca = ca; this.pathLen = len; this.extensionId = PKIXExtensions.BasicConstraints_Id; @@ -178,7 +177,7 @@ public class BasicConstraintsExtension extends Extension { * @param out the DerOutputStream to encode the extension to. */ @Override - public void encode(DerOutputStream out) throws IOException { + public void encode(DerOutputStream out) { if (extensionValue == null) { this.extensionId = PKIXExtensions.BasicConstraints_Id; critical = ca; diff --git a/src/java.base/share/classes/sun/security/x509/CRLDistributionPointsExtension.java b/src/java.base/share/classes/sun/security/x509/CRLDistributionPointsExtension.java index 4d9e11808c1..63e59ffda86 100644 --- a/src/java.base/share/classes/sun/security/x509/CRLDistributionPointsExtension.java +++ b/src/java.base/share/classes/sun/security/x509/CRLDistributionPointsExtension.java @@ -93,10 +93,9 @@ public class CRLDistributionPointsExtension extends Extension { * DistributionPoint; the criticality is set to false. * * @param distributionPoints the list of distribution points - * @throws IOException on error */ public CRLDistributionPointsExtension( - List distributionPoints) throws IOException { + List distributionPoints) { this(false, distributionPoints); } @@ -108,10 +107,9 @@ public class CRLDistributionPointsExtension extends Extension { * @param isCritical the criticality setting. * @param distributionPoints the list of distribution points, * cannot be null or empty. - * @throws IOException on error */ public CRLDistributionPointsExtension(boolean isCritical, - List distributionPoints) throws IOException { + List distributionPoints) { this(PKIXExtensions.CRLDistributionPoints_Id, isCritical, distributionPoints, NAME); @@ -122,7 +120,7 @@ public class CRLDistributionPointsExtension extends Extension { */ protected CRLDistributionPointsExtension(ObjectIdentifier extensionId, boolean isCritical, List distributionPoints, - String extensionName) throws IOException { + String extensionName) { if (distributionPoints == null || distributionPoints.isEmpty()) { throw new IllegalArgumentException( @@ -189,10 +187,9 @@ public class CRLDistributionPointsExtension extends Extension { * Write the extension to the DerOutputStream. * * @param out the DerOutputStream to write the extension to. - * @exception IOException on encoding errors. */ @Override - public void encode(DerOutputStream out) throws IOException { + public void encode(DerOutputStream out) { encode(out, PKIXExtensions.CRLDistributionPoints_Id, false); } @@ -201,7 +198,7 @@ public class CRLDistributionPointsExtension extends Extension { * (Also called by the subclass) */ protected void encode(DerOutputStream out, ObjectIdentifier extensionId, - boolean isCritical) throws IOException { + boolean isCritical) { if (this.extensionValue == null) { this.extensionId = extensionId; @@ -221,7 +218,7 @@ public class CRLDistributionPointsExtension extends Extension { // Encode this extension value - private void encodeThis() throws IOException { + private void encodeThis() { if (distributionPoints.isEmpty()) { this.extensionValue = null; } else { diff --git a/src/java.base/share/classes/sun/security/x509/CRLExtensions.java b/src/java.base/share/classes/sun/security/x509/CRLExtensions.java index 646af05da7b..17f9aa220a3 100644 --- a/src/java.base/share/classes/sun/security/x509/CRLExtensions.java +++ b/src/java.base/share/classes/sun/security/x509/CRLExtensions.java @@ -137,30 +137,24 @@ public class CRLExtensions { * @param out the DerOutputStream to marshal the contents to. * @param isExplicit the tag indicating whether this is an entry * extension (false) or a CRL extension (true). - * @exception CRLException on encoding errors. */ - public void encode(OutputStream out, boolean isExplicit) - throws CRLException { - try { - DerOutputStream extOut = new DerOutputStream(); - for (Extension ext : map.values()) { - ext.encode(extOut); - } - - DerOutputStream seq = new DerOutputStream(); - seq.write(DerValue.tag_Sequence, extOut); - - DerOutputStream tmp = new DerOutputStream(); - if (isExplicit) - tmp.write(DerValue.createTag(DerValue.TAG_CONTEXT, - true, (byte)0), seq); - else - tmp = seq; - - out.write(tmp.toByteArray()); - } catch (IOException e) { - throw new CRLException("Encoding error: " + e.toString()); + public void encode(DerOutputStream out, boolean isExplicit) { + DerOutputStream extOut = new DerOutputStream(); + for (Extension ext : map.values()) { + ext.encode(extOut); } + + DerOutputStream seq = new DerOutputStream(); + seq.write(DerValue.tag_Sequence, extOut); + + DerOutputStream tmp = new DerOutputStream(); + if (isExplicit) + tmp.write(DerValue.createTag(DerValue.TAG_CONTEXT, + true, (byte) 0), seq); + else + tmp = seq; + + out.writeBytes(tmp.toByteArray()); } /** diff --git a/src/java.base/share/classes/sun/security/x509/CRLNumberExtension.java b/src/java.base/share/classes/sun/security/x509/CRLNumberExtension.java index 73fd5ca2d68..7e22436fd4f 100644 --- a/src/java.base/share/classes/sun/security/x509/CRLNumberExtension.java +++ b/src/java.base/share/classes/sun/security/x509/CRLNumberExtension.java @@ -53,7 +53,7 @@ public class CRLNumberExtension extends Extension { private final String extensionLabel; // Encode this extension value - private void encodeThis() throws IOException { + private void encodeThis() { if (crlNumber == null) { this.extensionValue = null; return; @@ -69,7 +69,7 @@ public class CRLNumberExtension extends Extension { * * @param crlNum the value to be set for the extension. */ - public CRLNumberExtension(int crlNum) throws IOException { + public CRLNumberExtension(int crlNum) { this(PKIXExtensions.CRLNumber_Id, false, BigInteger.valueOf(crlNum), NAME, LABEL); } @@ -80,7 +80,7 @@ public class CRLNumberExtension extends Extension { * * @param crlNum the value to be set for the extension, cannot be null */ - public CRLNumberExtension(BigInteger crlNum) throws IOException { + public CRLNumberExtension(BigInteger crlNum) { this(PKIXExtensions.CRLNumber_Id, false, crlNum, NAME, LABEL); } @@ -88,8 +88,8 @@ public class CRLNumberExtension extends Extension { * Creates the extension (also called by the subclass). */ protected CRLNumberExtension(ObjectIdentifier extensionId, - boolean isCritical, BigInteger crlNum, String extensionName, - String extensionLabel) throws IOException { + boolean isCritical, BigInteger crlNum, String extensionName, + String extensionLabel) { if (crlNum == null) { throw new IllegalArgumentException("CRL number cannot be null"); @@ -158,10 +158,9 @@ public class CRLNumberExtension extends Extension { * Write the extension to the DerOutputStream. * * @param out the DerOutputStream to write the extension to. - * @exception IOException on encoding errors. */ @Override - public void encode(DerOutputStream out) throws IOException { + public void encode(DerOutputStream out) { encode(out, PKIXExtensions.CRLNumber_Id, true); } @@ -170,7 +169,7 @@ public class CRLNumberExtension extends Extension { * (Also called by the subclass) */ protected void encode(DerOutputStream out, ObjectIdentifier extensionId, - boolean isCritical) throws IOException { + boolean isCritical) { if (this.extensionValue == null) { this.extensionId = extensionId; diff --git a/src/java.base/share/classes/sun/security/x509/CRLReasonCodeExtension.java b/src/java.base/share/classes/sun/security/x509/CRLReasonCodeExtension.java index 58f8d03dec2..af88e90cf89 100644 --- a/src/java.base/share/classes/sun/security/x509/CRLReasonCodeExtension.java +++ b/src/java.base/share/classes/sun/security/x509/CRLReasonCodeExtension.java @@ -45,7 +45,7 @@ public class CRLReasonCodeExtension extends Extension { private int reasonCode; - private void encodeThis() throws IOException { + private void encodeThis() { if (reasonCode == 0) { this.extensionValue = null; return; @@ -71,8 +71,7 @@ public class CRLReasonCodeExtension extends Extension { * @param critical true if the extension is to be treated as critical. * @param reason the enumerated value for the reason code, must be positive. */ - public CRLReasonCodeExtension(boolean critical, int reason) - throws IOException { + public CRLReasonCodeExtension(boolean critical, int reason) { if (reason <= 0) { throw new IllegalArgumentException("reason code must be positive"); } @@ -110,10 +109,9 @@ public class CRLReasonCodeExtension extends Extension { * Write the extension to the DerOutputStream. * * @param out the DerOutputStream to write the extension to. - * @exception IOException on encoding errors. */ @Override - public void encode(DerOutputStream out) throws IOException { + public void encode(DerOutputStream out) { if (this.extensionValue == null) { this.extensionId = PKIXExtensions.ReasonCode_Id; this.critical = false; diff --git a/src/java.base/share/classes/sun/security/x509/CertificateAlgorithmId.java b/src/java.base/share/classes/sun/security/x509/CertificateAlgorithmId.java index c74c069c8ab..d0c4a3a7313 100644 --- a/src/java.base/share/classes/sun/security/x509/CertificateAlgorithmId.java +++ b/src/java.base/share/classes/sun/security/x509/CertificateAlgorithmId.java @@ -85,10 +85,9 @@ public class CertificateAlgorithmId implements DerEncoder { * Encode the algorithm identifier in DER form to the stream. * * @param out the DerOutputStream to marshal the contents to. - * @exception IOException on errors. */ @Override - public void encode(DerOutputStream out) throws IOException { + public void encode(DerOutputStream out) { algId.encode(out); } diff --git a/src/java.base/share/classes/sun/security/x509/CertificateExtensions.java b/src/java.base/share/classes/sun/security/x509/CertificateExtensions.java index a077e0c187d..ff26880680e 100644 --- a/src/java.base/share/classes/sun/security/x509/CertificateExtensions.java +++ b/src/java.base/share/classes/sun/security/x509/CertificateExtensions.java @@ -137,11 +137,9 @@ public class CertificateExtensions implements DerEncoder { * the context specific tag as needed in the X.509 v3 certificate. * * @param out the DerOutputStream to marshal the contents to. - * @exception CertificateException on encoding errors. - * @exception IOException on errors. */ @Override - public void encode(DerOutputStream out) throws IOException { + public void encode(DerOutputStream out) { encode(out, false); } @@ -150,11 +148,8 @@ public class CertificateExtensions implements DerEncoder { * * @param out the DerOutputStream to marshal the contents to. * @param isCertReq if true then no context specific tag is added. - * @exception CertificateException on encoding errors. - * @exception IOException on errors. */ - public void encode(DerOutputStream out, boolean isCertReq) - throws IOException { + public void encode(DerOutputStream out, boolean isCertReq) { DerOutputStream extOut = new DerOutputStream(); for (Extension ext : map.values()) { ext.encode(extOut); diff --git a/src/java.base/share/classes/sun/security/x509/CertificateIssuerExtension.java b/src/java.base/share/classes/sun/security/x509/CertificateIssuerExtension.java index 6b22a29199c..939a601113f 100644 --- a/src/java.base/share/classes/sun/security/x509/CertificateIssuerExtension.java +++ b/src/java.base/share/classes/sun/security/x509/CertificateIssuerExtension.java @@ -66,7 +66,7 @@ public class CertificateIssuerExtension extends Extension { /** * Encode this extension */ - private void encodeThis() throws IOException { + private void encodeThis() { if (names == null || names.isEmpty()) { this.extensionValue = null; return; @@ -81,9 +81,8 @@ public class CertificateIssuerExtension extends Extension { * Criticality is automatically set to true. * * @param issuer the certificate issuer, cannot be null or empty. - * @throws IOException on error */ - public CertificateIssuerExtension(GeneralNames issuer) throws IOException { + public CertificateIssuerExtension(GeneralNames issuer) { if (issuer == null || issuer.isEmpty()) { throw new IllegalArgumentException("issuer cannot be null or empty"); } @@ -128,10 +127,9 @@ public class CertificateIssuerExtension extends Extension { * Write the extension to the OutputStream. * * @param out the DerOutputStream to write the extension to - * @exception IOException on encoding errors */ @Override - public void encode(DerOutputStream out) throws IOException { + public void encode(DerOutputStream out) { if (extensionValue == null) { extensionId = PKIXExtensions.CertificateIssuer_Id; critical = true; diff --git a/src/java.base/share/classes/sun/security/x509/CertificatePoliciesExtension.java b/src/java.base/share/classes/sun/security/x509/CertificatePoliciesExtension.java index 58f88534c5a..5570cc8d777 100644 --- a/src/java.base/share/classes/sun/security/x509/CertificatePoliciesExtension.java +++ b/src/java.base/share/classes/sun/security/x509/CertificatePoliciesExtension.java @@ -74,7 +74,7 @@ public class CertificatePoliciesExtension extends Extension { private List certPolicies; // Encode this extension value. - private void encodeThis() throws IOException { + private void encodeThis() { if (certPolicies == null || certPolicies.isEmpty()) { this.extensionValue = null; } else { @@ -96,8 +96,7 @@ public class CertificatePoliciesExtension extends Extension { * * @param certPolicies the List of PolicyInformation. */ - public CertificatePoliciesExtension(List certPolicies) - throws IOException { + public CertificatePoliciesExtension(List certPolicies) { this(Boolean.FALSE, certPolicies); } @@ -109,7 +108,7 @@ public class CertificatePoliciesExtension extends Extension { * @param certPolicies the List of PolicyInformation, cannot be null or empty. */ public CertificatePoliciesExtension(Boolean critical, - List certPolicies) throws IOException { + List certPolicies) { if (certPolicies == null || certPolicies.isEmpty()) { throw new IllegalArgumentException( "certificate policies cannot be null or empty"); @@ -168,10 +167,9 @@ public class CertificatePoliciesExtension extends Extension { * Write the extension to the DerOutputStream. * * @param out the DerOutputStream to write the extension to. - * @exception IOException on encoding errors. */ @Override - public void encode(DerOutputStream out) throws IOException { + public void encode(DerOutputStream out) { if (extensionValue == null) { extensionId = PKIXExtensions.CertificatePolicies_Id; critical = false; diff --git a/src/java.base/share/classes/sun/security/x509/CertificatePolicyId.java b/src/java.base/share/classes/sun/security/x509/CertificatePolicyId.java index fa66fc1d8a8..b1bfbfabe0f 100644 --- a/src/java.base/share/classes/sun/security/x509/CertificatePolicyId.java +++ b/src/java.base/share/classes/sun/security/x509/CertificatePolicyId.java @@ -37,7 +37,7 @@ import sun.security.util.*; * @author Amit Kapoor * @author Hemma Prafullchandra */ -public class CertificatePolicyId { +public class CertificatePolicyId implements DerEncoder { private final ObjectIdentifier id; /** @@ -79,9 +79,9 @@ public class CertificatePolicyId { * Write the CertificatePolicyId to the DerOutputStream. * * @param out the DerOutputStream to write the object to. - * @exception IOException on errors. */ - public void encode(DerOutputStream out) throws IOException { + @Override + public void encode(DerOutputStream out) { out.putOID(id); } diff --git a/src/java.base/share/classes/sun/security/x509/CertificatePolicyMap.java b/src/java.base/share/classes/sun/security/x509/CertificatePolicyMap.java index 50e758b0b36..fdf51fc77b6 100644 --- a/src/java.base/share/classes/sun/security/x509/CertificatePolicyMap.java +++ b/src/java.base/share/classes/sun/security/x509/CertificatePolicyMap.java @@ -36,7 +36,7 @@ import sun.security.util.*; * @author Amit Kapoor * @author Hemma Prafullchandra */ -public class CertificatePolicyMap { +public class CertificatePolicyMap implements DerEncoder { private final CertificatePolicyId issuerDomain; private final CertificatePolicyId subjectDomain; @@ -94,9 +94,9 @@ public class CertificatePolicyMap { * Write the CertificatePolicyMap to the DerOutputStream. * * @param out the DerOutputStream to write the object to. - * @exception IOException on errors. */ - public void encode(DerOutputStream out) throws IOException { + @Override + public void encode(DerOutputStream out) { DerOutputStream tmp = new DerOutputStream(); issuerDomain.encode(tmp); diff --git a/src/java.base/share/classes/sun/security/x509/CertificatePolicySet.java b/src/java.base/share/classes/sun/security/x509/CertificatePolicySet.java index ec04737b6ac..ea675d5fe33 100644 --- a/src/java.base/share/classes/sun/security/x509/CertificatePolicySet.java +++ b/src/java.base/share/classes/sun/security/x509/CertificatePolicySet.java @@ -38,7 +38,7 @@ import sun.security.util.*; * @author Amit Kapoor * @author Hemma Prafullchandra */ -public class CertificatePolicySet { +public class CertificatePolicySet implements DerEncoder { private final Vector ids; @@ -82,7 +82,8 @@ public class CertificatePolicySet { * * @param out the DerOutputStream to encode the data to. */ - public void encode(DerOutputStream out) throws IOException { + @Override + public void encode(DerOutputStream out) { DerOutputStream tmp = new DerOutputStream(); for (int i = 0; i < ids.size(); i++) { diff --git a/src/java.base/share/classes/sun/security/x509/CertificateSerialNumber.java b/src/java.base/share/classes/sun/security/x509/CertificateSerialNumber.java index ce06e513d42..19658556c3e 100644 --- a/src/java.base/share/classes/sun/security/x509/CertificateSerialNumber.java +++ b/src/java.base/share/classes/sun/security/x509/CertificateSerialNumber.java @@ -104,10 +104,9 @@ public class CertificateSerialNumber implements DerEncoder { * Encode the serial number in DER form to the stream. * * @param out the DerOutputStream to marshal the contents to. - * @exception IOException on errors. */ @Override - public void encode(DerOutputStream out) throws IOException { + public void encode(DerOutputStream out) { serial.encode(out); } diff --git a/src/java.base/share/classes/sun/security/x509/CertificateSubjectName.java b/src/java.base/share/classes/sun/security/x509/CertificateSubjectName.java index c99db339c7d..0a862459171 100644 --- a/src/java.base/share/classes/sun/security/x509/CertificateSubjectName.java +++ b/src/java.base/share/classes/sun/security/x509/CertificateSubjectName.java @@ -91,10 +91,9 @@ public class CertificateSubjectName implements DerEncoder { * Encode the name in DER form to the stream. * * @param out the DerOutputStream to marshal the contents to. - * @exception IOException on errors. */ @Override - public void encode(DerOutputStream out) throws IOException { + public void encode(DerOutputStream out) { dnName.encode(out); } } diff --git a/src/java.base/share/classes/sun/security/x509/CertificateValidity.java b/src/java.base/share/classes/sun/security/x509/CertificateValidity.java index 75188bcb9ce..dab9ada4ece 100644 --- a/src/java.base/share/classes/sun/security/x509/CertificateValidity.java +++ b/src/java.base/share/classes/sun/security/x509/CertificateValidity.java @@ -123,10 +123,9 @@ public class CertificateValidity implements DerEncoder { * Encode the CertificateValidity period in DER form to the stream. * * @param out the DerOutputStream to marshal the contents to. - * @exception IOException on errors. */ @Override - public void encode(DerOutputStream out) throws IOException { + public void encode(DerOutputStream out) { DerOutputStream pair = new DerOutputStream(); diff --git a/src/java.base/share/classes/sun/security/x509/CertificateVersion.java b/src/java.base/share/classes/sun/security/x509/CertificateVersion.java index 9d57e700b29..f4116247038 100644 --- a/src/java.base/share/classes/sun/security/x509/CertificateVersion.java +++ b/src/java.base/share/classes/sun/security/x509/CertificateVersion.java @@ -146,10 +146,9 @@ public class CertificateVersion implements DerEncoder { * Encode the CertificateVersion period in DER form to the stream. * * @param out the DerOutputStream to marshal the contents to. - * @exception IOException on errors. */ @Override - public void encode(DerOutputStream out) throws IOException { + public void encode(DerOutputStream out) { // Nothing for default if (version == V1) { return; diff --git a/src/java.base/share/classes/sun/security/x509/CertificateX509Key.java b/src/java.base/share/classes/sun/security/x509/CertificateX509Key.java index 0c4502af823..a4c52657ecd 100644 --- a/src/java.base/share/classes/sun/security/x509/CertificateX509Key.java +++ b/src/java.base/share/classes/sun/security/x509/CertificateX509Key.java @@ -88,11 +88,10 @@ public class CertificateX509Key implements DerEncoder { * Encode the key in DER form to the stream. * * @param out the DerOutputStream to marshal the contents to. - * @exception IOException on errors. */ @Override - public void encode(DerOutputStream out) throws IOException { - out.write(key.getEncoded()); + public void encode(DerOutputStream out) { + out.writeBytes(key.getEncoded()); } /** diff --git a/src/java.base/share/classes/sun/security/x509/DNSName.java b/src/java.base/share/classes/sun/security/x509/DNSName.java index 004dce274bd..647a029413d 100644 --- a/src/java.base/share/classes/sun/security/x509/DNSName.java +++ b/src/java.base/share/classes/sun/security/x509/DNSName.java @@ -150,9 +150,9 @@ public class DNSName implements GeneralNameInterface { * Encode the DNSName into the DerOutputStream. * * @param out the DER stream to encode the DNSName to. - * @exception IOException on encoding errors. */ - public void encode(DerOutputStream out) throws IOException { + @Override + public void encode(DerOutputStream out) { out.putIA5String(name); } diff --git a/src/java.base/share/classes/sun/security/x509/DeltaCRLIndicatorExtension.java b/src/java.base/share/classes/sun/security/x509/DeltaCRLIndicatorExtension.java index 8f0908abbc6..c80bbc9f063 100644 --- a/src/java.base/share/classes/sun/security/x509/DeltaCRLIndicatorExtension.java +++ b/src/java.base/share/classes/sun/security/x509/DeltaCRLIndicatorExtension.java @@ -69,7 +69,7 @@ public class DeltaCRLIndicatorExtension extends CRLNumberExtension { * * @param crlNum the value to be set for the extension. */ - public DeltaCRLIndicatorExtension(int crlNum) throws IOException { + public DeltaCRLIndicatorExtension(int crlNum) { super(PKIXExtensions.DeltaCRLIndicator_Id, true, BigInteger.valueOf(crlNum), NAME, LABEL); } @@ -80,7 +80,7 @@ public class DeltaCRLIndicatorExtension extends CRLNumberExtension { * * @param crlNum the value to be set for the extension. */ - public DeltaCRLIndicatorExtension(BigInteger crlNum) throws IOException { + public DeltaCRLIndicatorExtension(BigInteger crlNum) { super(PKIXExtensions.DeltaCRLIndicator_Id, true, crlNum, NAME, LABEL); } @@ -102,10 +102,9 @@ public class DeltaCRLIndicatorExtension extends CRLNumberExtension { * Writes the extension to the DerOutputStream. * * @param out the DerOutputStream to write the extension to. - * @exception IOException on encoding errors. */ @Override - public void encode(DerOutputStream out) throws IOException { + public void encode(DerOutputStream out) { super.encode(out, PKIXExtensions.DeltaCRLIndicator_Id, true); } } diff --git a/src/java.base/share/classes/sun/security/x509/DistributionPoint.java b/src/java.base/share/classes/sun/security/x509/DistributionPoint.java index 657da792321..a31e93e2e44 100644 --- a/src/java.base/share/classes/sun/security/x509/DistributionPoint.java +++ b/src/java.base/share/classes/sun/security/x509/DistributionPoint.java @@ -29,6 +29,7 @@ import java.io.IOException; import java.util.*; import sun.security.util.BitArray; +import sun.security.util.DerEncoder; import sun.security.util.DerOutputStream; import sun.security.util.DerValue; @@ -93,7 +94,7 @@ import sun.security.util.DerValue; * @since 1.4.2 * @see CRLDistributionPointsExtension */ -public class DistributionPoint { +public class DistributionPoint implements DerEncoder { // reason flag bits // NOTE that these are NOT quite the same as the CRL reason code extension @@ -275,9 +276,9 @@ public class DistributionPoint { * Write the DistributionPoint value to the DerOutputStream. * * @param out the DerOutputStream to write the extension to. - * @exception IOException on error. */ - public void encode(DerOutputStream out) throws IOException { + @Override + public void encode(DerOutputStream out) { DerOutputStream tagged = new DerOutputStream(); // NOTE: only one of pointNames and pointRDN can be set diff --git a/src/java.base/share/classes/sun/security/x509/DistributionPointName.java b/src/java.base/share/classes/sun/security/x509/DistributionPointName.java index 0bfd830abb0..d4843fb6c29 100644 --- a/src/java.base/share/classes/sun/security/x509/DistributionPointName.java +++ b/src/java.base/share/classes/sun/security/x509/DistributionPointName.java @@ -28,6 +28,7 @@ package sun.security.x509; import java.io.IOException; import java.util.Objects; +import sun.security.util.DerEncoder; import sun.security.util.DerOutputStream; import sun.security.util.DerValue; @@ -78,7 +79,7 @@ import sun.security.util.DerValue; * @see IssuingDistributionPointExtension * @since 1.6 */ -public class DistributionPointName { +public class DistributionPointName implements DerEncoder { // ASN.1 context specific tag values private static final byte TAG_FULL_NAME = 0; @@ -164,9 +165,9 @@ public class DistributionPointName { * Encodes the distribution point name and writes it to the DerOutputStream. * * @param out the output stream. - * @exception IOException on encoding error. */ - public void encode(DerOutputStream out) throws IOException { + @Override + public void encode(DerOutputStream out) { DerOutputStream theChoice = new DerOutputStream(); diff --git a/src/java.base/share/classes/sun/security/x509/EDIPartyName.java b/src/java.base/share/classes/sun/security/x509/EDIPartyName.java index cbd008ab992..4c2362773de 100644 --- a/src/java.base/share/classes/sun/security/x509/EDIPartyName.java +++ b/src/java.base/share/classes/sun/security/x509/EDIPartyName.java @@ -124,9 +124,9 @@ public class EDIPartyName implements GeneralNameInterface { * Encode the EDI party name into the DerOutputStream. * * @param out the DER stream to encode the EDIPartyName to. - * @exception IOException on encoding errors. */ - public void encode(DerOutputStream out) throws IOException { + @Override + public void encode(DerOutputStream out) { DerOutputStream tagged = new DerOutputStream(); DerOutputStream tmp = new DerOutputStream(); diff --git a/src/java.base/share/classes/sun/security/x509/ExtendedKeyUsageExtension.java b/src/java.base/share/classes/sun/security/x509/ExtendedKeyUsageExtension.java index 4f1825ec795..f37db583f4f 100644 --- a/src/java.base/share/classes/sun/security/x509/ExtendedKeyUsageExtension.java +++ b/src/java.base/share/classes/sun/security/x509/ExtendedKeyUsageExtension.java @@ -86,7 +86,7 @@ public class ExtendedKeyUsageExtension extends Extension { private Vector keyUsages; // Encode this extension value. - private void encodeThis() throws IOException { + private void encodeThis() { if (keyUsages == null || keyUsages.isEmpty()) { this.extensionValue = null; return; @@ -108,8 +108,7 @@ public class ExtendedKeyUsageExtension extends Extension { * * @param keyUsages the Vector of KeyUsages (ObjectIdentifiers) */ - public ExtendedKeyUsageExtension(Vector keyUsages) - throws IOException { + public ExtendedKeyUsageExtension(Vector keyUsages) { this(Boolean.FALSE, keyUsages); } @@ -121,8 +120,7 @@ public class ExtendedKeyUsageExtension extends Extension { * @param keyUsages the Vector of KeyUsages (ObjectIdentifiers), * cannot be null or empty. */ - public ExtendedKeyUsageExtension(Boolean critical, Vector keyUsages) - throws IOException { + public ExtendedKeyUsageExtension(Boolean critical, Vector keyUsages) { if (keyUsages == null || keyUsages.isEmpty()) { throw new IllegalArgumentException( "key usages cannot be null or empty"); @@ -188,10 +186,9 @@ public class ExtendedKeyUsageExtension extends Extension { * Write the extension to the DerOutputStream. * * @param out the DerOutputStream to write the extension to. - * @exception IOException on encoding errors. */ @Override - public void encode(DerOutputStream out) throws IOException { + public void encode(DerOutputStream out) { if (extensionValue == null) { extensionId = PKIXExtensions.ExtendedKeyUsage_Id; critical = false; diff --git a/src/java.base/share/classes/sun/security/x509/Extension.java b/src/java.base/share/classes/sun/security/x509/Extension.java index cd7e64e7f9a..05c638753d2 100644 --- a/src/java.base/share/classes/sun/security/x509/Extension.java +++ b/src/java.base/share/classes/sun/security/x509/Extension.java @@ -169,10 +169,9 @@ public class Extension implements java.security.cert.Extension, DerEncoder { * Write the extension to the DerOutputStream. * * @param out the DerOutputStream to write the extension to. - * @exception IOException on encoding errors */ @Override - public void encode(DerOutputStream out) throws IOException { + public void encode(DerOutputStream out) { Objects.requireNonNull(extensionId, "No OID to encode for the extension"); diff --git a/src/java.base/share/classes/sun/security/x509/FreshestCRLExtension.java b/src/java.base/share/classes/sun/security/x509/FreshestCRLExtension.java index 53ec826774a..a3716ced9ca 100644 --- a/src/java.base/share/classes/sun/security/x509/FreshestCRLExtension.java +++ b/src/java.base/share/classes/sun/security/x509/FreshestCRLExtension.java @@ -65,8 +65,7 @@ public class FreshestCRLExtension extends CRLDistributionPointsExtension { * * @param distributionPoints the list of delta CRL distribution points. */ - public FreshestCRLExtension(List distributionPoints) - throws IOException { + public FreshestCRLExtension(List distributionPoints) { super(PKIXExtensions.FreshestCRL_Id, false, distributionPoints, NAME); } @@ -88,10 +87,9 @@ public class FreshestCRLExtension extends CRLDistributionPointsExtension { * Writes the extension to the DerOutputStream. * * @param out the DerOutputStream to write the extension to. - * @exception IOException on encoding errors. */ @Override - public void encode(DerOutputStream out) throws IOException { + public void encode(DerOutputStream out) { super.encode(out, PKIXExtensions.FreshestCRL_Id, false); } } diff --git a/src/java.base/share/classes/sun/security/x509/GeneralName.java b/src/java.base/share/classes/sun/security/x509/GeneralName.java index 3c90464ad1e..934eee5a558 100644 --- a/src/java.base/share/classes/sun/security/x509/GeneralName.java +++ b/src/java.base/share/classes/sun/security/x509/GeneralName.java @@ -49,7 +49,7 @@ import sun.security.util.*; * @author Amit Kapoor * @author Hemma Prafullchandra */ -public class GeneralName { +public class GeneralName implements DerEncoder { // Private data members private final GeneralNameInterface name; @@ -231,9 +231,9 @@ public class GeneralName { * Encode the name to the specified DerOutputStream. * * @param out the DerOutputStream to encode the GeneralName to. - * @exception IOException on encoding errors. */ - public void encode(DerOutputStream out) throws IOException { + @Override + public void encode(DerOutputStream out) { DerOutputStream tmp = new DerOutputStream(); name.encode(tmp); int nameType = name.getType(); diff --git a/src/java.base/share/classes/sun/security/x509/GeneralNameInterface.java b/src/java.base/share/classes/sun/security/x509/GeneralNameInterface.java index 736b8fd797d..59e3157fd5d 100644 --- a/src/java.base/share/classes/sun/security/x509/GeneralNameInterface.java +++ b/src/java.base/share/classes/sun/security/x509/GeneralNameInterface.java @@ -25,8 +25,6 @@ package sun.security.x509; -import java.io.IOException; - import sun.security.util.*; /** @@ -36,7 +34,7 @@ import sun.security.util.*; * @author Amit Kapoor * @author Hemma Prafullchandra */ -public interface GeneralNameInterface { +public interface GeneralNameInterface extends DerEncoder { /** * The list of names supported. */ @@ -65,15 +63,6 @@ public interface GeneralNameInterface { */ int getType(); - /** - * Encode the name to the specified DerOutputStream. - * - * @param out the DerOutputStream to encode the GeneralName to. - * @exception IOException thrown if the GeneralName could not be - * encoded. - */ - void encode(DerOutputStream out) throws IOException; - /** * Return type of constraint inputName places on this name:

    *
  • NAME_DIFF_TYPE = -1: input name is different type from name (i.e. does not constrain). diff --git a/src/java.base/share/classes/sun/security/x509/GeneralNames.java b/src/java.base/share/classes/sun/security/x509/GeneralNames.java index 68f7a33362c..5dd18b1d366 100644 --- a/src/java.base/share/classes/sun/security/x509/GeneralNames.java +++ b/src/java.base/share/classes/sun/security/x509/GeneralNames.java @@ -109,9 +109,8 @@ public class GeneralNames { * Write the extension to the DerOutputStream. * * @param out the DerOutputStream to write the extension to. - * @exception IOException on error. */ - public void encode(DerOutputStream out) throws IOException { + public void encode(DerOutputStream out) { if (isEmpty()) { return; } diff --git a/src/java.base/share/classes/sun/security/x509/GeneralSubtree.java b/src/java.base/share/classes/sun/security/x509/GeneralSubtree.java index 01d7b612735..6350740deac 100644 --- a/src/java.base/share/classes/sun/security/x509/GeneralSubtree.java +++ b/src/java.base/share/classes/sun/security/x509/GeneralSubtree.java @@ -43,7 +43,7 @@ import sun.security.util.*; * @author Amit Kapoor * @author Hemma Prafullchandra */ -public class GeneralSubtree { +public class GeneralSubtree implements DerEncoder { private static final byte TAG_MIN = 0; private static final byte TAG_MAX = 1; private static final int MIN_DEFAULT = 0; @@ -194,7 +194,8 @@ public class GeneralSubtree { * * @param out the DerOutputStream to encode this object to. */ - public void encode(DerOutputStream out) throws IOException { + @Override + public void encode(DerOutputStream out) { DerOutputStream seq = new DerOutputStream(); name.encode(seq); diff --git a/src/java.base/share/classes/sun/security/x509/GeneralSubtrees.java b/src/java.base/share/classes/sun/security/x509/GeneralSubtrees.java index c42b45c5d1d..72b5664c09c 100644 --- a/src/java.base/share/classes/sun/security/x509/GeneralSubtrees.java +++ b/src/java.base/share/classes/sun/security/x509/GeneralSubtrees.java @@ -43,7 +43,7 @@ import sun.security.util.*; * @author Hemma Prafullchandra * @author Andreas Sterbenz */ -public class GeneralSubtrees implements Cloneable { +public class GeneralSubtrees implements Cloneable, DerEncoder { private final List trees; @@ -132,7 +132,8 @@ public class GeneralSubtrees implements Cloneable { * * @param out the DerOutputStream to encode this object to. */ - public void encode(DerOutputStream out) throws IOException { + @Override + public void encode(DerOutputStream out) { DerOutputStream seq = new DerOutputStream(); for (int i = 0, n = size(); i < n; i++) { diff --git a/src/java.base/share/classes/sun/security/x509/IPAddressName.java b/src/java.base/share/classes/sun/security/x509/IPAddressName.java index ea64d74c69a..eb08cbbb95a 100644 --- a/src/java.base/share/classes/sun/security/x509/IPAddressName.java +++ b/src/java.base/share/classes/sun/security/x509/IPAddressName.java @@ -226,9 +226,9 @@ public class IPAddressName implements GeneralNameInterface { * Encode the IPAddress name into the DerOutputStream. * * @param out the DER stream to encode the IPAddressName to. - * @exception IOException on encoding errors. */ - public void encode(DerOutputStream out) throws IOException { + @Override + public void encode(DerOutputStream out) { out.putOctetString(address); } diff --git a/src/java.base/share/classes/sun/security/x509/InhibitAnyPolicyExtension.java b/src/java.base/share/classes/sun/security/x509/InhibitAnyPolicyExtension.java index 8214685c8c3..fcef3ce43c4 100644 --- a/src/java.base/share/classes/sun/security/x509/InhibitAnyPolicyExtension.java +++ b/src/java.base/share/classes/sun/security/x509/InhibitAnyPolicyExtension.java @@ -69,7 +69,7 @@ public class InhibitAnyPolicyExtension extends Extension { private int skipCerts = Integer.MAX_VALUE; // Encode this extension value - private void encodeThis() throws IOException { + private void encodeThis() { DerOutputStream out = new DerOutputStream(); out.putInteger(skipCerts); this.extensionValue = out.toByteArray(); @@ -81,7 +81,7 @@ public class InhibitAnyPolicyExtension extends Extension { * @param skipCerts specifies the depth of the certification path. * Use value of -1 to request unlimited depth. */ - public InhibitAnyPolicyExtension(int skipCerts) throws IOException { + public InhibitAnyPolicyExtension(int skipCerts) { if (skipCerts < -1) throw new IllegalArgumentException("Invalid value for skipCerts"); if (skipCerts == -1) @@ -144,7 +144,7 @@ public class InhibitAnyPolicyExtension extends Extension { * @param out the DerOutputStream to encode the extension to. */ @Override - public void encode(DerOutputStream out) throws IOException { + public void encode(DerOutputStream out) { if (extensionValue == null) { this.extensionId = PKIXExtensions.InhibitAnyPolicy_Id; critical = true; diff --git a/src/java.base/share/classes/sun/security/x509/InvalidityDateExtension.java b/src/java.base/share/classes/sun/security/x509/InvalidityDateExtension.java index c50664e815b..901ac23d557 100644 --- a/src/java.base/share/classes/sun/security/x509/InvalidityDateExtension.java +++ b/src/java.base/share/classes/sun/security/x509/InvalidityDateExtension.java @@ -64,7 +64,7 @@ public class InvalidityDateExtension extends Extension { private Date date; - private void encodeThis() throws IOException { + private void encodeThis() { if (date == null) { this.extensionValue = null; return; @@ -80,7 +80,7 @@ public class InvalidityDateExtension extends Extension { * * @param date the invalidity date */ - public InvalidityDateExtension(Date date) throws IOException { + public InvalidityDateExtension(Date date) { this(false, date); } @@ -90,8 +90,7 @@ public class InvalidityDateExtension extends Extension { * @param critical true if the extension is to be treated as critical. * @param date the invalidity date, cannot be null. */ - public InvalidityDateExtension(boolean critical, Date date) - throws IOException { + public InvalidityDateExtension(boolean critical, Date date) { if (date == null) { throw new IllegalArgumentException("date cannot be null"); } @@ -141,10 +140,9 @@ public class InvalidityDateExtension extends Extension { * Write the extension to the DerOutputStream. * * @param out the DerOutputStream to write the extension to - * @exception IOException on encoding errors */ @Override - public void encode(DerOutputStream out) throws IOException { + public void encode(DerOutputStream out) { if (this.extensionValue == null) { this.extensionId = PKIXExtensions.InvalidityDate_Id; this.critical = false; diff --git a/src/java.base/share/classes/sun/security/x509/IssuerAlternativeNameExtension.java b/src/java.base/share/classes/sun/security/x509/IssuerAlternativeNameExtension.java index 5c574ba4d4a..7d9ee20cbd3 100644 --- a/src/java.base/share/classes/sun/security/x509/IssuerAlternativeNameExtension.java +++ b/src/java.base/share/classes/sun/security/x509/IssuerAlternativeNameExtension.java @@ -52,7 +52,7 @@ public class IssuerAlternativeNameExtension extends Extension { GeneralNames names; // Encode this extension - private void encodeThis() throws IOException { + private void encodeThis() { if (names == null || names.isEmpty()) { this.extensionValue = null; return; @@ -66,10 +66,8 @@ public class IssuerAlternativeNameExtension extends Extension { * Create a IssuerAlternativeNameExtension with the passed GeneralNames. * * @param names the GeneralNames for the issuer. - * @exception IOException on error. */ - public IssuerAlternativeNameExtension(GeneralNames names) - throws IOException { + public IssuerAlternativeNameExtension(GeneralNames names) { this(false, names); } @@ -79,10 +77,8 @@ public class IssuerAlternativeNameExtension extends Extension { * * @param critical true if the extension is to be treated as critical. * @param names the GeneralNames for the issuer, cannot be null or empty. - * @exception IOException on error. */ - public IssuerAlternativeNameExtension(Boolean critical, GeneralNames names) - throws IOException { + public IssuerAlternativeNameExtension(Boolean critical, GeneralNames names) { if (names == null || names.isEmpty()) { throw new IllegalArgumentException("names cannot be null or empty"); } @@ -138,10 +134,9 @@ public class IssuerAlternativeNameExtension extends Extension { * Write the extension to the OutputStream. * * @param out the DerOutputStream to write the extension to. - * @exception IOException on encoding error. */ @Override - public void encode(DerOutputStream out) throws IOException { + public void encode(DerOutputStream out) { if (extensionValue == null) { extensionId = PKIXExtensions.IssuerAlternativeName_Id; critical = false; diff --git a/src/java.base/share/classes/sun/security/x509/IssuingDistributionPointExtension.java b/src/java.base/share/classes/sun/security/x509/IssuingDistributionPointExtension.java index ebfbb591a53..37eacb9dd48 100644 --- a/src/java.base/share/classes/sun/security/x509/IssuingDistributionPointExtension.java +++ b/src/java.base/share/classes/sun/security/x509/IssuingDistributionPointExtension.java @@ -112,13 +112,11 @@ public class IssuingDistributionPointExtension extends Extension { * hasOnlyUserCerts, hasOnlyCACerts, * hasOnlyAttributeCerts is set to true, * or all arguments are either null or false. - * @throws IOException on encoding error. */ public IssuingDistributionPointExtension( DistributionPointName distributionPoint, ReasonFlags revocationReasons, boolean hasOnlyUserCerts, boolean hasOnlyCACerts, - boolean hasOnlyAttributeCerts, boolean isIndirectCRL) - throws IOException { + boolean hasOnlyAttributeCerts, boolean isIndirectCRL) { if (distributionPoint == null && revocationReasons == null && @@ -222,10 +220,9 @@ public class IssuingDistributionPointExtension extends Extension { * DerOutputStream. * * @param out the output stream. - * @exception IOException on encoding error. */ @Override - public void encode(DerOutputStream out) throws IOException { + public void encode(DerOutputStream out) { if (this.extensionValue == null) { this.extensionId = PKIXExtensions.IssuingDistributionPoint_Id; this.critical = false; @@ -264,7 +261,7 @@ public class IssuingDistributionPointExtension extends Extension { } // Encodes this extension value - private void encodeThis() throws IOException { + private void encodeThis() { if (distributionPoint == null && revocationReasons == null && diff --git a/src/java.base/share/classes/sun/security/x509/KeyIdentifier.java b/src/java.base/share/classes/sun/security/x509/KeyIdentifier.java index f9b06e6e87f..7511874b400 100644 --- a/src/java.base/share/classes/sun/security/x509/KeyIdentifier.java +++ b/src/java.base/share/classes/sun/security/x509/KeyIdentifier.java @@ -125,7 +125,7 @@ public class KeyIdentifier { * @param out the DerOutputStream to write the object to. * @exception IOException */ - void encode(DerOutputStream out) throws IOException { + void encode(DerOutputStream out) { out.putOctetString(octetString); } diff --git a/src/java.base/share/classes/sun/security/x509/KeyUsageExtension.java b/src/java.base/share/classes/sun/security/x509/KeyUsageExtension.java index c93942f03a8..43edda9fd84 100644 --- a/src/java.base/share/classes/sun/security/x509/KeyUsageExtension.java +++ b/src/java.base/share/classes/sun/security/x509/KeyUsageExtension.java @@ -59,7 +59,7 @@ public class KeyUsageExtension extends Extension { private boolean[] bitString; // Encode this extension value - private void encodeThis() throws IOException { + private void encodeThis() { DerOutputStream os = new DerOutputStream(); os.putTruncatedUnalignedBitString(new BitArray(this.bitString)); this.extensionValue = os.toByteArray(); @@ -94,7 +94,7 @@ public class KeyUsageExtension extends Extension { * * @param bitString the bits to be set for the extension. */ - public KeyUsageExtension(byte[] bitString) throws IOException { + public KeyUsageExtension(byte[] bitString) { this.bitString = new BitArray(bitString.length*8,bitString).toBooleanArray(); this.extensionId = PKIXExtensions.KeyUsage_Id; @@ -108,7 +108,7 @@ public class KeyUsageExtension extends Extension { * * @param bitString the bits to be set for the extension. */ - public KeyUsageExtension(boolean[] bitString) throws IOException { + public KeyUsageExtension(boolean[] bitString) { this.bitString = bitString; this.extensionId = PKIXExtensions.KeyUsage_Id; this.critical = true; @@ -121,7 +121,7 @@ public class KeyUsageExtension extends Extension { * * @param bitString the bits to be set for the extension. */ - public KeyUsageExtension(BitArray bitString) throws IOException { + public KeyUsageExtension(BitArray bitString) { this.bitString = bitString.toBooleanArray(); this.extensionId = PKIXExtensions.KeyUsage_Id; this.critical = true; @@ -272,10 +272,9 @@ public class KeyUsageExtension extends Extension { * Write the extension to the DerOutputStream. * * @param out the DerOutputStream to write the extension to. - * @exception IOException on encoding errors. */ @Override - public void encode(DerOutputStream out) throws IOException { + public void encode(DerOutputStream out) { if (this.extensionValue == null) { this.extensionId = PKIXExtensions.KeyUsage_Id; this.critical = true; diff --git a/src/java.base/share/classes/sun/security/x509/NameConstraintsExtension.java b/src/java.base/share/classes/sun/security/x509/NameConstraintsExtension.java index cee4833769c..ce6d4721ad7 100644 --- a/src/java.base/share/classes/sun/security/x509/NameConstraintsExtension.java +++ b/src/java.base/share/classes/sun/security/x509/NameConstraintsExtension.java @@ -101,7 +101,7 @@ public class NameConstraintsExtension extends Extension } // Encode this extension value. - private void encodeThis() throws IOException { + private void encodeThis() { minMaxValid = false; if (permitted == null && excluded == null) { this.extensionValue = null; @@ -135,8 +135,7 @@ public class NameConstraintsExtension extends Extension * @param excluded the excluded GeneralSubtrees (null for optional). */ public NameConstraintsExtension(GeneralSubtrees permitted, - GeneralSubtrees excluded) - throws IOException { + GeneralSubtrees excluded) { if (permitted == null && excluded == null) { throw new IllegalArgumentException( "permitted and excluded cannot both be null"); @@ -226,10 +225,9 @@ public class NameConstraintsExtension extends Extension * Write the extension to the OutputStream. * * @param out the DerOutputStream to write the extension to. - * @exception IOException on encoding errors. */ @Override - public void encode(DerOutputStream out) throws IOException { + public void encode(DerOutputStream out) { if (this.extensionValue == null) { this.extensionId = PKIXExtensions.NameConstraints_Id; this.critical = true; diff --git a/src/java.base/share/classes/sun/security/x509/NetscapeCertTypeExtension.java b/src/java.base/share/classes/sun/security/x509/NetscapeCertTypeExtension.java index 21a36347763..7f91140795b 100644 --- a/src/java.base/share/classes/sun/security/x509/NetscapeCertTypeExtension.java +++ b/src/java.base/share/classes/sun/security/x509/NetscapeCertTypeExtension.java @@ -26,7 +26,6 @@ package sun.security.x509; import java.io.IOException; -import java.util.*; import sun.security.util.*; @@ -86,13 +85,6 @@ public class NetscapeCertTypeExtension extends Extension { new MapEntry(OBJECT_SIGNING_CA, 7), }; - private static final Vector mAttributeNames = new Vector<>(); - static { - for (MapEntry entry : mMapData) { - mAttributeNames.add(entry.mName); - } - } - private static int getPosition(String name) throws IOException { for (int i = 0; i < mMapData.length; i++) { if (name.equalsIgnoreCase(mMapData[i].mName)) @@ -103,7 +95,7 @@ public class NetscapeCertTypeExtension extends Extension { } // Encode this extension value - private void encodeThis() throws IOException { + private void encodeThis() { DerOutputStream os = new DerOutputStream(); os.putTruncatedUnalignedBitString(new BitArray(this.bitString)); this.extensionValue = os.toByteArray(); @@ -138,7 +130,7 @@ public class NetscapeCertTypeExtension extends Extension { * * @param bitString the bits to be set for the extension. */ - public NetscapeCertTypeExtension(byte[] bitString) throws IOException { + public NetscapeCertTypeExtension(byte[] bitString) { this.bitString = new BitArray(bitString.length*8, bitString).toBooleanArray(); this.extensionId = NetscapeCertType_Id; @@ -152,7 +144,7 @@ public class NetscapeCertTypeExtension extends Extension { * * @param bitString the bits to be set for the extension. */ - public NetscapeCertTypeExtension(boolean[] bitString) throws IOException { + public NetscapeCertTypeExtension(boolean[] bitString) { this.bitString = bitString; this.extensionId = NetscapeCertType_Id; this.critical = true; @@ -238,10 +230,9 @@ public class NetscapeCertTypeExtension extends Extension { * Write the extension to the DerOutputStream. * * @param out the DerOutputStream to write the extension to. - * @exception IOException on encoding errors. */ @Override - public void encode(DerOutputStream out) throws IOException { + public void encode(DerOutputStream out) { if (this.extensionValue == null) { this.extensionId = NetscapeCertType_Id; this.critical = true; diff --git a/src/java.base/share/classes/sun/security/x509/OIDName.java b/src/java.base/share/classes/sun/security/x509/OIDName.java index 0799ec718d2..a62a1682b78 100644 --- a/src/java.base/share/classes/sun/security/x509/OIDName.java +++ b/src/java.base/share/classes/sun/security/x509/OIDName.java @@ -86,9 +86,9 @@ public class OIDName implements GeneralNameInterface { * Encode the OID name into the DerOutputStream. * * @param out the DER stream to encode the OIDName to. - * @exception IOException on encoding errors. */ - public void encode(DerOutputStream out) throws IOException { + @Override + public void encode(DerOutputStream out) { out.putOID(oid); } diff --git a/src/java.base/share/classes/sun/security/x509/OtherName.java b/src/java.base/share/classes/sun/security/x509/OtherName.java index 396d337f95c..85d19358c15 100644 --- a/src/java.base/share/classes/sun/security/x509/OtherName.java +++ b/src/java.base/share/classes/sun/security/x509/OtherName.java @@ -151,9 +151,9 @@ public class OtherName implements GeneralNameInterface { * Encode the Other name into the DerOutputStream. * * @param out the DER stream to encode the Other-Name to. - * @exception IOException on encoding errors. */ - public void encode(DerOutputStream out) throws IOException { + @Override + public void encode(DerOutputStream out) { if (gni != null) { // This OtherName has a supported class gni.encode(out); diff --git a/src/java.base/share/classes/sun/security/x509/PolicyConstraintsExtension.java b/src/java.base/share/classes/sun/security/x509/PolicyConstraintsExtension.java index bdceefc54b1..e9246acdc83 100644 --- a/src/java.base/share/classes/sun/security/x509/PolicyConstraintsExtension.java +++ b/src/java.base/share/classes/sun/security/x509/PolicyConstraintsExtension.java @@ -62,7 +62,7 @@ public class PolicyConstraintsExtension extends Extension { private int inhibit = -1; // Encode this extension value. - private void encodeThis() throws IOException { + private void encodeThis() { if (require == -1 && inhibit == -1) { this.extensionValue = null; return; @@ -94,8 +94,7 @@ public class PolicyConstraintsExtension extends Extension { * @param require require explicit policy (-1 for optional). * @param inhibit inhibit policy mapping (-1 for optional). */ - public PolicyConstraintsExtension(int require, int inhibit) - throws IOException { + public PolicyConstraintsExtension(int require, int inhibit) { this(Boolean.TRUE, require, inhibit); } @@ -108,8 +107,7 @@ public class PolicyConstraintsExtension extends Extension { * @param require require explicit policy (-1 for optional). * @param inhibit inhibit policy mapping (-1 for optional). */ - public PolicyConstraintsExtension(Boolean critical, int require, int inhibit) - throws IOException { + public PolicyConstraintsExtension(Boolean critical, int require, int inhibit) { if (require == -1 && inhibit == -1) { throw new IllegalArgumentException( "require and inhibit cannot both be -1"); @@ -190,10 +188,9 @@ public class PolicyConstraintsExtension extends Extension { * Write the extension to the DerOutputStream. * * @param out the DerOutputStream to write the extension to. - * @exception IOException on encoding errors. */ @Override - public void encode(DerOutputStream out) throws IOException { + public void encode(DerOutputStream out) { if (extensionValue == null) { extensionId = PKIXExtensions.PolicyConstraints_Id; critical = true; diff --git a/src/java.base/share/classes/sun/security/x509/PolicyInformation.java b/src/java.base/share/classes/sun/security/x509/PolicyInformation.java index be47f9bdde3..7a6f3b4552d 100644 --- a/src/java.base/share/classes/sun/security/x509/PolicyInformation.java +++ b/src/java.base/share/classes/sun/security/x509/PolicyInformation.java @@ -32,6 +32,7 @@ import java.util.LinkedHashSet; import java.util.Objects; import java.util.Set; +import sun.security.util.DerEncoder; import sun.security.util.DerValue; import sun.security.util.DerOutputStream; /** @@ -59,7 +60,7 @@ import sun.security.util.DerOutputStream; * @author Anne Anderson * @since 1.4 */ -public class PolicyInformation { +public class PolicyInformation implements DerEncoder { // Attribute names public static final String NAME = "PolicyInformation"; @@ -178,15 +179,15 @@ public class PolicyInformation { * Write the PolicyInformation to the DerOutputStream. * * @param out the DerOutputStream to write the extension to. - * @exception IOException on encoding errors. */ - public void encode(DerOutputStream out) throws IOException { + @Override + public void encode(DerOutputStream out) { DerOutputStream tmp = new DerOutputStream(); policyIdentifier.encode(tmp); if (!policyQualifiers.isEmpty()) { DerOutputStream tmp2 = new DerOutputStream(); for (PolicyQualifierInfo pq : policyQualifiers) { - tmp2.write(pq.getEncoded()); + tmp2.writeBytes(pq.getEncoded()); } tmp.write(DerValue.tag_Sequence, tmp2); } diff --git a/src/java.base/share/classes/sun/security/x509/PolicyMappingsExtension.java b/src/java.base/share/classes/sun/security/x509/PolicyMappingsExtension.java index 46d8b8d5cc4..e398a92b9cb 100644 --- a/src/java.base/share/classes/sun/security/x509/PolicyMappingsExtension.java +++ b/src/java.base/share/classes/sun/security/x509/PolicyMappingsExtension.java @@ -56,7 +56,7 @@ public class PolicyMappingsExtension extends Extension { private List maps; // Encode this extension value - private void encodeThis() throws IOException { + private void encodeThis() { if (maps == null || maps.isEmpty()) { this.extensionValue = null; return; @@ -77,8 +77,7 @@ public class PolicyMappingsExtension extends Extension { * * @param maps the List of CertificatePolicyMap, cannot be null or empty. */ - public PolicyMappingsExtension(List maps) - throws IOException { + public PolicyMappingsExtension(List maps) { if (maps == null || maps.isEmpty()) { throw new IllegalArgumentException("maps cannot be null or empty"); } @@ -129,10 +128,9 @@ public class PolicyMappingsExtension extends Extension { * Write the extension to the OutputStream. * * @param out the DerOutputStream to write the extension to. - * @exception IOException on encoding errors. */ @Override - public void encode(DerOutputStream out) throws IOException { + public void encode(DerOutputStream out) { if (extensionValue == null) { extensionId = PKIXExtensions.PolicyMappings_Id; critical = true; diff --git a/src/java.base/share/classes/sun/security/x509/PrivateKeyUsageExtension.java b/src/java.base/share/classes/sun/security/x509/PrivateKeyUsageExtension.java index b31700de65c..86691a38aa2 100644 --- a/src/java.base/share/classes/sun/security/x509/PrivateKeyUsageExtension.java +++ b/src/java.base/share/classes/sun/security/x509/PrivateKeyUsageExtension.java @@ -68,7 +68,7 @@ public class PrivateKeyUsageExtension extends Extension { private Date notAfter = null; // Encode this extension value. - private void encodeThis() throws IOException { + private void encodeThis() { if (notBefore == null && notAfter == null) { this.extensionValue = null; return; @@ -101,8 +101,7 @@ public class PrivateKeyUsageExtension extends Extension { * @param notAfter the date/time after which the private key * should not be used. */ - public PrivateKeyUsageExtension(Date notBefore, Date notAfter) - throws IOException { + public PrivateKeyUsageExtension(Date notBefore, Date notAfter) { if (notBefore == null && notAfter == null) { throw new IllegalArgumentException( "notBefore and notAfter cannot both be null"); @@ -230,10 +229,9 @@ public class PrivateKeyUsageExtension extends Extension { * Write the extension to the OutputStream. * * @param out the DerOutputStream to write the extension to. - * @exception IOException on encoding errors. */ @Override - public void encode(DerOutputStream out) throws IOException { + public void encode(DerOutputStream out) { if (extensionValue == null) { extensionId = PKIXExtensions.PrivateKeyUsage_Id; critical = false; diff --git a/src/java.base/share/classes/sun/security/x509/RDN.java b/src/java.base/share/classes/sun/security/x509/RDN.java index b3f2fba79df..21fa345156d 100644 --- a/src/java.base/share/classes/sun/security/x509/RDN.java +++ b/src/java.base/share/classes/sun/security/x509/RDN.java @@ -333,9 +333,8 @@ public class RDN { * Encode the RDN in DER-encoded form. * * @param out DerOutputStream to which RDN is to be written - * @throws IOException on error */ - void encode(DerOutputStream out) throws IOException { + void encode(DerOutputStream out) { out.putOrderedSetOf(DerValue.tag_Set, assertion); } diff --git a/src/java.base/share/classes/sun/security/x509/RFC822Name.java b/src/java.base/share/classes/sun/security/x509/RFC822Name.java index 5ee33baaf81..6b866b6c9ee 100644 --- a/src/java.base/share/classes/sun/security/x509/RFC822Name.java +++ b/src/java.base/share/classes/sun/security/x509/RFC822Name.java @@ -114,9 +114,9 @@ public class RFC822Name implements GeneralNameInterface * Encode the RFC822 name into the DerOutputStream. * * @param out the DER stream to encode the RFC822Name to. - * @exception IOException on encoding errors. */ - public void encode(DerOutputStream out) throws IOException { + @Override + public void encode(DerOutputStream out) { out.putIA5String(name); } diff --git a/src/java.base/share/classes/sun/security/x509/ReasonFlags.java b/src/java.base/share/classes/sun/security/x509/ReasonFlags.java index 1a9a422e1a1..4c482f66bcd 100644 --- a/src/java.base/share/classes/sun/security/x509/ReasonFlags.java +++ b/src/java.base/share/classes/sun/security/x509/ReasonFlags.java @@ -27,10 +27,7 @@ package sun.security.x509; import java.io.IOException; -import sun.security.util.BitArray; -import sun.security.util.DerInputStream; -import sun.security.util.DerOutputStream; -import sun.security.util.DerValue; +import sun.security.util.*; /** * Represent the CRL Reason Flags. @@ -53,7 +50,7 @@ import sun.security.util.DerValue; * * @author Hemma Prafullchandra */ -public class ReasonFlags { +public class ReasonFlags implements DerEncoder { /** * Reasons @@ -231,9 +228,9 @@ public class ReasonFlags { * Write the extension to the DerOutputStream. * * @param out the DerOutputStream to write the extension to. - * @exception IOException on encoding errors. */ - public void encode(DerOutputStream out) throws IOException { + @Override + public void encode(DerOutputStream out) { out.putTruncatedUnalignedBitString(new BitArray(this.bitString)); } } diff --git a/src/java.base/share/classes/sun/security/x509/SerialNumber.java b/src/java.base/share/classes/sun/security/x509/SerialNumber.java index 2264edfd4ab..5bd97e63306 100644 --- a/src/java.base/share/classes/sun/security/x509/SerialNumber.java +++ b/src/java.base/share/classes/sun/security/x509/SerialNumber.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2002, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2022, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -108,9 +108,8 @@ public class SerialNumber { * Encode the SerialNumber in DER form to the stream. * * @param out the DerOutputStream to marshal the contents to. - * @exception IOException on errors. */ - public void encode(DerOutputStream out) throws IOException { + public void encode(DerOutputStream out) { out.putInteger(serialNum); } diff --git a/src/java.base/share/classes/sun/security/x509/SubjectAlternativeNameExtension.java b/src/java.base/share/classes/sun/security/x509/SubjectAlternativeNameExtension.java index 2d63b9ba908..0ae69abb5d8 100644 --- a/src/java.base/share/classes/sun/security/x509/SubjectAlternativeNameExtension.java +++ b/src/java.base/share/classes/sun/security/x509/SubjectAlternativeNameExtension.java @@ -57,7 +57,7 @@ public class SubjectAlternativeNameExtension extends Extension { GeneralNames names; // Encode this extension - private void encodeThis() throws IOException { + private void encodeThis() { if (names == null || names.isEmpty()) { this.extensionValue = null; return; @@ -72,10 +72,8 @@ public class SubjectAlternativeNameExtension extends Extension { * The extension is marked non-critical. * * @param names the GeneralNames for the subject. - * @exception IOException on error. */ - public SubjectAlternativeNameExtension(GeneralNames names) - throws IOException { + public SubjectAlternativeNameExtension(GeneralNames names) { this(Boolean.FALSE, names); } @@ -85,10 +83,8 @@ public class SubjectAlternativeNameExtension extends Extension { * * @param critical true if the extension is to be treated as critical. * @param names the GeneralNames for the subject, cannot be null or empty. - * @exception IOException on error. */ - public SubjectAlternativeNameExtension(Boolean critical, GeneralNames names) - throws IOException { + public SubjectAlternativeNameExtension(Boolean critical, GeneralNames names) { if (names == null || names.isEmpty()) { throw new IllegalArgumentException("names cannot be null or empty"); } @@ -142,10 +138,9 @@ public class SubjectAlternativeNameExtension extends Extension { * Write the extension to the OutputStream. * * @param out the DerOutputStream to write the extension to. - * @exception IOException on encoding errors. */ @Override - public void encode(DerOutputStream out) throws IOException { + public void encode(DerOutputStream out) { if (extensionValue == null) { extensionId = PKIXExtensions.SubjectAlternativeName_Id; critical = false; diff --git a/src/java.base/share/classes/sun/security/x509/SubjectInfoAccessExtension.java b/src/java.base/share/classes/sun/security/x509/SubjectInfoAccessExtension.java index 514939fb9e5..ce9741eeba7 100644 --- a/src/java.base/share/classes/sun/security/x509/SubjectInfoAccessExtension.java +++ b/src/java.base/share/classes/sun/security/x509/SubjectInfoAccessExtension.java @@ -80,10 +80,9 @@ public class SubjectInfoAccessExtension extends Extension { * * @param accessDescriptions the List of AccessDescription, * cannot be null or empty. - * @throws IOException on error */ public SubjectInfoAccessExtension( - List accessDescriptions) throws IOException { + List accessDescriptions) { if (accessDescriptions == null || accessDescriptions.isEmpty()) { throw new IllegalArgumentException( "accessDescriptions cannot be null or empty"); @@ -143,10 +142,9 @@ public class SubjectInfoAccessExtension extends Extension { * Write the extension to the DerOutputStream. * * @param out the DerOutputStream to write the extension to. - * @exception IOException on encoding errors. */ @Override - public void encode(DerOutputStream out) throws IOException { + public void encode(DerOutputStream out) { if (this.extensionValue == null) { this.extensionId = PKIXExtensions.SubjectInfoAccess_Id; this.critical = false; @@ -156,7 +154,7 @@ public class SubjectInfoAccessExtension extends Extension { } // Encode this extension value - private void encodeThis() throws IOException { + private void encodeThis() { if (accessDescriptions.isEmpty()) { this.extensionValue = null; } else { diff --git a/src/java.base/share/classes/sun/security/x509/SubjectKeyIdentifierExtension.java b/src/java.base/share/classes/sun/security/x509/SubjectKeyIdentifierExtension.java index 78f56306cab..e00dd2a0992 100644 --- a/src/java.base/share/classes/sun/security/x509/SubjectKeyIdentifierExtension.java +++ b/src/java.base/share/classes/sun/security/x509/SubjectKeyIdentifierExtension.java @@ -57,7 +57,7 @@ public class SubjectKeyIdentifierExtension extends Extension { private KeyIdentifier id; // Encode this extension value - private void encodeThis() throws IOException { + private void encodeThis() { if (id == null) { this.extensionValue = null; return; @@ -72,8 +72,7 @@ public class SubjectKeyIdentifierExtension extends Extension { * The criticality is set to False. * @param octetString the octet string identifying the key identifier. */ - public SubjectKeyIdentifierExtension(byte[] octetString) - throws IOException { + public SubjectKeyIdentifierExtension(byte[] octetString) { id = new KeyIdentifier(octetString); this.extensionId = PKIXExtensions.SubjectKey_Id; @@ -110,10 +109,9 @@ public class SubjectKeyIdentifierExtension extends Extension { * Write the extension to the OutputStream. * * @param out the DerOutputStream to write the extension to. - * @exception IOException on encoding errors. */ @Override - public void encode(DerOutputStream out) throws IOException { + public void encode(DerOutputStream out) { if (extensionValue == null) { extensionId = PKIXExtensions.SubjectKey_Id; critical = false; diff --git a/src/java.base/share/classes/sun/security/x509/URIName.java b/src/java.base/share/classes/sun/security/x509/URIName.java index 2c280ac93f0..0abfe8fd650 100644 --- a/src/java.base/share/classes/sun/security/x509/URIName.java +++ b/src/java.base/share/classes/sun/security/x509/URIName.java @@ -197,9 +197,9 @@ public class URIName implements GeneralNameInterface { * Encode the URI name into the DerOutputStream. * * @param out the DER stream to encode the URIName to. - * @exception IOException on encoding errors. */ - public void encode(DerOutputStream out) throws IOException { + @Override + public void encode(DerOutputStream out) { out.putIA5String(uri.toASCIIString()); } diff --git a/src/java.base/share/classes/sun/security/x509/UniqueIdentity.java b/src/java.base/share/classes/sun/security/x509/UniqueIdentity.java index b258821fa10..2dae935e7cf 100644 --- a/src/java.base/share/classes/sun/security/x509/UniqueIdentity.java +++ b/src/java.base/share/classes/sun/security/x509/UniqueIdentity.java @@ -92,9 +92,8 @@ public class UniqueIdentity { * * @param out the DerOutputStream to marshal the contents to. * @param tag encode it under the following tag. - * @exception IOException on errors. */ - public void encode(DerOutputStream out, byte tag) throws IOException { + public void encode(DerOutputStream out, byte tag) { byte[] bytes = id.toByteArray(); int excessBits = bytes.length*8 - id.length(); @@ -102,7 +101,7 @@ public class UniqueIdentity { out.putLength(bytes.length + 1); out.write(excessBits); - out.write(bytes); + out.writeBytes(bytes); } /** diff --git a/src/java.base/share/classes/sun/security/x509/X400Address.java b/src/java.base/share/classes/sun/security/x509/X400Address.java index 0feedcebc13..869f54a2787 100644 --- a/src/java.base/share/classes/sun/security/x509/X400Address.java +++ b/src/java.base/share/classes/sun/security/x509/X400Address.java @@ -364,10 +364,9 @@ public class X400Address implements GeneralNameInterface { * Encode the X400 name into the DerOutputStream. * * @param out the DER stream to encode the X400Address to. - * @exception IOException on encoding errors. */ @Override - public void encode(DerOutputStream out) throws IOException { + public void encode(DerOutputStream out) { out.putDerValue(derValue); } diff --git a/src/java.base/share/classes/sun/security/x509/X500Name.java b/src/java.base/share/classes/sun/security/x509/X500Name.java index 6f1d7cc8023..80e75903865 100644 --- a/src/java.base/share/classes/sun/security/x509/X500Name.java +++ b/src/java.base/share/classes/sun/security/x509/X500Name.java @@ -826,7 +826,8 @@ public class X500Name implements GeneralNameInterface, Principal { * * @param out where to put the DER-encoded X.500 name */ - public void encode(DerOutputStream out) throws IOException { + @Override + public void encode(DerOutputStream out) { DerOutputStream tmp = new DerOutputStream(); for (int i = 0; i < names.length; i++) { names[i].encode(tmp); diff --git a/src/java.base/share/classes/sun/security/x509/X509CRLEntryImpl.java b/src/java.base/share/classes/sun/security/x509/X509CRLEntryImpl.java index c5916a75fe6..52de9e953bf 100644 --- a/src/java.base/share/classes/sun/security/x509/X509CRLEntryImpl.java +++ b/src/java.base/share/classes/sun/security/x509/X509CRLEntryImpl.java @@ -152,47 +152,40 @@ public class X509CRLEntryImpl extends X509CRLEntry * * @param outStrm an output stream to which the encoded revoked * certificate is written. - * @exception CRLException on encoding errors. */ - public void encode(DerOutputStream outStrm) throws CRLException { - try { - if (revokedCert == null) { - DerOutputStream tmp = new DerOutputStream(); - // sequence { serialNumber, revocationDate, extensions } - serialNumber.encode(tmp); + public void encode(DerOutputStream outStrm) { + if (revokedCert == null) { + DerOutputStream tmp = new DerOutputStream(); + // sequence { serialNumber, revocationDate, extensions } + serialNumber.encode(tmp); - if (revocationDate.getTime() < CertificateValidity.YR_2050) { - tmp.putUTCTime(revocationDate); - } else { - tmp.putGeneralizedTime(revocationDate); - } - - if (extensions != null) - extensions.encode(tmp, isExplicit); - - DerOutputStream seq = new DerOutputStream(); - seq.write(DerValue.tag_Sequence, tmp); - - revokedCert = seq.toByteArray(); + if (revocationDate.getTime() < CertificateValidity.YR_2050) { + tmp.putUTCTime(revocationDate); + } else { + tmp.putGeneralizedTime(revocationDate); } - outStrm.write(revokedCert); - } catch (IOException e) { - throw new CRLException("Encoding error: " + e.toString()); + + if (extensions != null) + extensions.encode(tmp, isExplicit); + + DerOutputStream seq = new DerOutputStream(); + seq.write(DerValue.tag_Sequence, tmp); + + revokedCert = seq.toByteArray(); } + outStrm.writeBytes(revokedCert); } /** * Returns the ASN.1 DER-encoded form of this CRL Entry, * which corresponds to the inner SEQUENCE. - * - * @exception CRLException if an encoding error occurs. */ - public byte[] getEncoded() throws CRLException { + public byte[] getEncoded() { return getEncoded0().clone(); } // Called internally to avoid clone - private byte[] getEncoded0() throws CRLException { + private byte[] getEncoded0() { if (revokedCert == null) this.encode(new DerOutputStream()); return revokedCert; @@ -523,17 +516,13 @@ public class X509CRLEntryImpl extends X509CRLEntry if (compSerial != 0) { return compSerial; } - try { - byte[] thisEncoded = this.getEncoded0(); - byte[] thatEncoded = that.getEncoded0(); - for (int i=0; iDerEncoder interface. * * @param out the output stream on which to write the DER encoding. - * - * @exception IOException on encoding error. */ @Override - public void encode(DerOutputStream out) throws IOException { - out.write(signedCert.clone()); + public void encode(DerOutputStream out) { + out.writeBytes(signedCert); } /** @@ -468,35 +466,31 @@ public class X509CertImpl extends X509Certificate implements DerEncoder { public static X509CertImpl newSigned(X509CertInfo info, PrivateKey key, String algorithm, String provider) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException { - try { - Signature sigEngine = SignatureUtil.fromKey( - algorithm, key, provider); - AlgorithmId algId = SignatureUtil.fromSignature(sigEngine, key); + Signature sigEngine = SignatureUtil.fromKey( + algorithm, key, provider); + AlgorithmId algId = SignatureUtil.fromSignature(sigEngine, key); - DerOutputStream out = new DerOutputStream(); - DerOutputStream tmp = new DerOutputStream(); + DerOutputStream out = new DerOutputStream(); + DerOutputStream tmp = new DerOutputStream(); - // encode certificate info - info.setAlgorithmId(new CertificateAlgorithmId(algId)); - info.encode(tmp); - byte[] rawCert = tmp.toByteArray(); + // encode certificate info + info.setAlgorithmId(new CertificateAlgorithmId(algId)); + info.encode(tmp); + byte[] rawCert = tmp.toByteArray(); - // encode algorithm identifier - algId.encode(tmp); + // encode algorithm identifier + algId.encode(tmp); - // Create and encode the signature itself. - sigEngine.update(rawCert, 0, rawCert.length); - byte[] signature = sigEngine.sign(); - tmp.putBitString(signature); + // Create and encode the signature itself. + sigEngine.update(rawCert, 0, rawCert.length); + byte[] signature = sigEngine.sign(); + tmp.putBitString(signature); - // Wrap the signed data in a SEQUENCE { data, algorithm, sig } - out.write(DerValue.tag_Sequence, tmp); - byte[] signedCert = out.toByteArray(); + // Wrap the signed data in a SEQUENCE { data, algorithm, sig } + out.write(DerValue.tag_Sequence, tmp); + byte[] signedCert = out.toByteArray(); - return new X509CertImpl(info, algId, signature, signedCert); - } catch (IOException e) { - throw new CertificateEncodingException(e.toString()); - } + return new X509CertImpl(info, algId, signature, signedCert); } /** @@ -1253,13 +1247,7 @@ public class X509CertImpl extends X509Certificate implements DerEncoder { default: // add DER encoded form DerOutputStream derOut = new DerOutputStream(); - try { - name.encode(derOut); - } catch (IOException ioe) { - // should not occur since name has already been decoded - // from cert (this would indicate a bug in our code) - throw new RuntimeException("name cannot be encoded", ioe); - } + name.encode(derOut); nameEntry.add(derOut.toByteArray()); if (name.getType() == GeneralNameInterface.NAME_ANY && name instanceof OtherName oname) { diff --git a/src/java.base/share/classes/sun/security/x509/X509CertInfo.java b/src/java.base/share/classes/sun/security/x509/X509CertInfo.java index f5d883676a5..1eb1840b276 100644 --- a/src/java.base/share/classes/sun/security/x509/X509CertInfo.java +++ b/src/java.base/share/classes/sun/security/x509/X509CertInfo.java @@ -145,15 +145,14 @@ public class X509CertInfo { * * @param out an output stream to which the certificate is appended. * @exception CertificateException on encoding errors. - * @exception IOException on other errors. */ public void encode(DerOutputStream out) - throws CertificateException, IOException { + throws CertificateException { if (rawCertInfo == null) { emit(out); rawCertInfo = out.toByteArray(); } else { - out.write(rawCertInfo.clone()); + out.writeBytes(rawCertInfo.clone()); } } @@ -170,7 +169,7 @@ public class X509CertInfo { rawCertInfo = tmp.toByteArray(); } return rawCertInfo.clone(); - } catch (IOException | CertificateException e) { + } catch (CertificateException e) { throw new CertificateEncodingException(e.toString()); } } @@ -464,8 +463,7 @@ public class X509CertInfo { /* * Marshal the contents of a "raw" certificate into a DER sequence. */ - private void emit(DerOutputStream out) - throws CertificateException, IOException { + private void emit(DerOutputStream out) throws CertificateException { DerOutputStream tmp = new DerOutputStream(); // version number, iff not V1 diff --git a/src/java.base/share/classes/sun/security/x509/X509Key.java b/src/java.base/share/classes/sun/security/x509/X509Key.java index edf2a08a859..c2a9f164ceb 100644 --- a/src/java.base/share/classes/sun/security/x509/X509Key.java +++ b/src/java.base/share/classes/sun/security/x509/X509Key.java @@ -55,7 +55,7 @@ import sun.security.util.*; * * @author David Brownell */ -public class X509Key implements PublicKey { +public class X509Key implements PublicKey, DerEncoder { /** use serialVersionUID from JDK 1.1. for interoperability */ @java.io.Serial @@ -100,8 +100,7 @@ public class X509Key implements PublicKey { * data is stored and transmitted losslessly, but no knowledge * about this particular algorithm is available. */ - private X509Key(AlgorithmId algid, BitArray key) - throws InvalidKeyException { + private X509Key(AlgorithmId algid, BitArray key) { this.algid = algid; setKey(key); encode(); @@ -190,10 +189,9 @@ public class X509Key implements PublicKey { * values using the X509Key member functions, such as parse * and decode. * - * @exception IOException on parsing errors. * @exception InvalidKeyException on invalid key encodings. */ - protected void parseKeyBits() throws IOException, InvalidKeyException { + protected void parseKeyBits() throws InvalidKeyException { encode(); } @@ -287,11 +285,9 @@ public class X509Key implements PublicKey { /** * Encode SubjectPublicKeyInfo sequence on the DER output stream. - * - * @exception IOException on encoding errors. */ - public final void encode(DerOutputStream out) throws IOException - { + @Override + public final void encode(DerOutputStream out) { encode(out, this.algid, getKey()); } @@ -299,26 +295,15 @@ public class X509Key implements PublicKey { * Returns the DER-encoded form of the key as a byte array. */ public byte[] getEncoded() { - try { - return getEncodedInternal().clone(); - } catch (InvalidKeyException e) { - // XXX - } - return null; + return getEncodedInternal().clone(); } - public byte[] getEncodedInternal() throws InvalidKeyException { + public byte[] getEncodedInternal() { byte[] encoded = encodedKey; if (encoded == null) { - try { - DerOutputStream out = new DerOutputStream(); - encode(out); - encoded = out.toByteArray(); - } catch (IOException e) { - throw new InvalidKeyException("IOException : " + - e.getMessage()); - } - encodedKey = encoded; + DerOutputStream out = new DerOutputStream(); + encode(out); + encodedKey = encoded = out.toByteArray(); } return encoded; } @@ -332,10 +317,8 @@ public class X509Key implements PublicKey { /** * Returns the DER-encoded form of the key as a byte array. - * - * @exception InvalidKeyException on encoding errors. */ - public byte[] encode() throws InvalidKeyException { + public byte[] encode() { return getEncodedInternal().clone(); } @@ -428,18 +411,14 @@ public class X509Key implements PublicKey { if (!(obj instanceof Key)) { return false; } - try { - byte[] thisEncoded = this.getEncodedInternal(); - byte[] otherEncoded; - if (obj instanceof X509Key) { - otherEncoded = ((X509Key)obj).getEncodedInternal(); - } else { - otherEncoded = ((Key)obj).getEncoded(); - } - return Arrays.equals(thisEncoded, otherEncoded); - } catch (InvalidKeyException e) { - return false; + byte[] thisEncoded = this.getEncodedInternal(); + byte[] otherEncoded; + if (obj instanceof X509Key) { + otherEncoded = ((X509Key) obj).getEncodedInternal(); + } else { + otherEncoded = ((Key) obj).getEncoded(); } + return Arrays.equals(thisEncoded, otherEncoded); } /** @@ -447,24 +426,18 @@ public class X509Key implements PublicKey { * which are equal will also have the same hashcode. */ public int hashCode() { - try { - byte[] b1 = getEncodedInternal(); - int r = b1.length; - for (int i = 0; i < b1.length; i++) { - r += (b1[i] & 0xff) * 37; - } - return r; - } catch (InvalidKeyException e) { - // should not happen - return 0; + byte[] b1 = getEncodedInternal(); + int r = b1.length; + for (int i = 0; i < b1.length; i++) { + r += (b1[i] & 0xff) * 37; } + return r; } /* * Produce SubjectPublicKey encoding from algorithm id and key material. */ - static void encode(DerOutputStream out, AlgorithmId algid, BitArray key) - throws IOException { + static void encode(DerOutputStream out, AlgorithmId algid, BitArray key) { DerOutputStream tmp = new DerOutputStream(); algid.encode(tmp); tmp.putUnalignedBitString(key); diff --git a/src/java.security.jgss/share/classes/org/ietf/jgss/Oid.java b/src/java.security.jgss/share/classes/org/ietf/jgss/Oid.java index 8d5df2e53e8..ec06ab3b965 100644 --- a/src/java.security.jgss/share/classes/org/ietf/jgss/Oid.java +++ b/src/java.security.jgss/share/classes/org/ietf/jgss/Oid.java @@ -174,13 +174,12 @@ public class Oid { */ public byte[] getDER() throws GSSException { + // Since JDK-8297065, this method no longer throws a GSSException. + // The throws clause in the method definition might be removed in + // a future Java GSS-API update. if (derEncoding == null) { DerOutputStream dout = new DerOutputStream(); - try { - dout.putOID(oid); - } catch (IOException e) { - throw new GSSException(GSSException.FAILURE, e.getMessage()); - } + dout.putOID(oid); derEncoding = dout.toByteArray(); } diff --git a/src/java.security.jgss/share/classes/sun/security/jgss/GSSHeader.java b/src/java.security.jgss/share/classes/sun/security/jgss/GSSHeader.java index 471d3d4c2ba..dc61b82e4cd 100644 --- a/src/java.security.jgss/share/classes/sun/security/jgss/GSSHeader.java +++ b/src/java.security.jgss/share/classes/sun/security/jgss/GSSHeader.java @@ -155,12 +155,9 @@ public class GSSHeader { int maxTotalSize) { int mechOidBytesSize = 0; - try { - DerOutputStream temp = new DerOutputStream(); - temp.putOID(mechOid); - mechOidBytesSize = temp.toByteArray().length; - } catch (IOException ignored) { - } + DerOutputStream temp = new DerOutputStream(); + temp.putOID(mechOid); + mechOidBytesSize = temp.toByteArray().length; // Subtract bytes needed for 0x60 tag and mechOidBytes maxTotalSize -= (1 + mechOidBytesSize); diff --git a/src/java.security.jgss/share/classes/sun/security/jgss/GSSNameImpl.java b/src/java.security.jgss/share/classes/sun/security/jgss/GSSNameImpl.java index 845b2dced09..174a827c3e2 100644 --- a/src/java.security.jgss/share/classes/sun/security/jgss/GSSNameImpl.java +++ b/src/java.security.jgss/share/classes/sun/security/jgss/GSSNameImpl.java @@ -408,13 +408,7 @@ public final class GSSNameImpl implements GSSName { "Invalid OID String "); } DerOutputStream dout = new DerOutputStream(); - try { - dout.putOID(oid); - } catch (IOException e) { - throw new GSSExceptionImpl(GSSException.FAILURE, - "Could not ASN.1 Encode " - + oid.toString()); - } + dout.putOID(oid); oidBytes = dout.toByteArray(); byte[] retVal = new byte[2 diff --git a/src/java.security.jgss/share/classes/sun/security/jgss/spnego/NegTokenInit.java b/src/java.security.jgss/share/classes/sun/security/jgss/spnego/NegTokenInit.java index 1f76679b3c7..b7e23a1970a 100644 --- a/src/java.security.jgss/share/classes/sun/security/jgss/spnego/NegTokenInit.java +++ b/src/java.security.jgss/share/classes/sun/security/jgss/spnego/NegTokenInit.java @@ -88,55 +88,49 @@ public class NegTokenInit extends SpNegoToken { parseToken(in); } - final byte[] encode() throws GSSException { - try { - // create negInitToken - DerOutputStream initToken = new DerOutputStream(); + final byte[] encode() { + // create negInitToken + DerOutputStream initToken = new DerOutputStream(); - // DER-encoded mechTypes with CONTEXT 00 - if (mechTypes != null) { - initToken.write(DerValue.createTag(DerValue.TAG_CONTEXT, - true, (byte) 0x00), mechTypes); - } - - // write context flags with CONTEXT 01 - if (reqFlags != null) { - DerOutputStream flags = new DerOutputStream(); - flags.putUnalignedBitString(reqFlags); - initToken.write(DerValue.createTag(DerValue.TAG_CONTEXT, - true, (byte) 0x01), flags); - } - - // mechToken with CONTEXT 02 - if (mechToken != null) { - DerOutputStream dataValue = new DerOutputStream(); - dataValue.putOctetString(mechToken); - initToken.write(DerValue.createTag(DerValue.TAG_CONTEXT, - true, (byte) 0x02), dataValue); - } - - // mechListMIC with CONTEXT 03 - if (mechListMIC != null) { - if (DEBUG) { - System.out.println("SpNegoToken NegTokenInit: " + - "sending MechListMIC"); - } - DerOutputStream mic = new DerOutputStream(); - mic.putOctetString(mechListMIC); - initToken.write(DerValue.createTag(DerValue.TAG_CONTEXT, - true, (byte) 0x03), mic); - } - - // insert in a SEQUENCE - DerOutputStream out = new DerOutputStream(); - out.write(DerValue.tag_Sequence, initToken); - - return out.toByteArray(); - - } catch (IOException e) { - throw new GSSException(GSSException.DEFECTIVE_TOKEN, -1, - "Invalid SPNEGO NegTokenInit token : " + e.getMessage()); + // DER-encoded mechTypes with CONTEXT 00 + if (mechTypes != null) { + initToken.write(DerValue.createTag(DerValue.TAG_CONTEXT, + true, (byte) 0x00), mechTypes); } + + // write context flags with CONTEXT 01 + if (reqFlags != null) { + DerOutputStream flags = new DerOutputStream(); + flags.putUnalignedBitString(reqFlags); + initToken.write(DerValue.createTag(DerValue.TAG_CONTEXT, + true, (byte) 0x01), flags); + } + + // mechToken with CONTEXT 02 + if (mechToken != null) { + DerOutputStream dataValue = new DerOutputStream(); + dataValue.putOctetString(mechToken); + initToken.write(DerValue.createTag(DerValue.TAG_CONTEXT, + true, (byte) 0x02), dataValue); + } + + // mechListMIC with CONTEXT 03 + if (mechListMIC != null) { + if (DEBUG) { + System.out.println("SpNegoToken NegTokenInit: " + + "sending MechListMIC"); + } + DerOutputStream mic = new DerOutputStream(); + mic.putOctetString(mechListMIC); + initToken.write(DerValue.createTag(DerValue.TAG_CONTEXT, + true, (byte) 0x03), mic); + } + + // insert in a SEQUENCE + DerOutputStream out = new DerOutputStream(); + out.write(DerValue.tag_Sequence, initToken); + + return out.toByteArray(); } private void parseToken(byte[] in) throws GSSException { diff --git a/src/java.security.jgss/share/classes/sun/security/jgss/spnego/NegTokenTarg.java b/src/java.security.jgss/share/classes/sun/security/jgss/spnego/NegTokenTarg.java index fb87af49fa3..bc6890ca6bf 100644 --- a/src/java.security.jgss/share/classes/sun/security/jgss/spnego/NegTokenTarg.java +++ b/src/java.security.jgss/share/classes/sun/security/jgss/spnego/NegTokenTarg.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2005, 2019, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2022, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -75,55 +75,49 @@ public class NegTokenTarg extends SpNegoToken { } final byte[] encode() throws GSSException { - try { - // create negTargToken - DerOutputStream targToken = new DerOutputStream(); + // create negTargToken + DerOutputStream targToken = new DerOutputStream(); - // write the negotiated result with CONTEXT 00 - DerOutputStream result = new DerOutputStream(); - result.putEnumerated(negResult); + // write the negotiated result with CONTEXT 00 + DerOutputStream result = new DerOutputStream(); + result.putEnumerated(negResult); + targToken.write(DerValue.createTag(DerValue.TAG_CONTEXT, + true, (byte) 0x00), result); + + // supportedMech with CONTEXT 01 + if (supportedMech != null) { + DerOutputStream mech = new DerOutputStream(); + byte[] mechType = supportedMech.getDER(); + mech.writeBytes(mechType); targToken.write(DerValue.createTag(DerValue.TAG_CONTEXT, - true, (byte) 0x00), result); - - // supportedMech with CONTEXT 01 - if (supportedMech != null) { - DerOutputStream mech = new DerOutputStream(); - byte[] mechType = supportedMech.getDER(); - mech.write(mechType); - targToken.write(DerValue.createTag(DerValue.TAG_CONTEXT, - true, (byte) 0x01), mech); - } - - // response Token with CONTEXT 02 - if (responseToken != null) { - DerOutputStream rspToken = new DerOutputStream(); - rspToken.putOctetString(responseToken); - targToken.write(DerValue.createTag(DerValue.TAG_CONTEXT, - true, (byte) 0x02), rspToken); - } - - // mechListMIC with CONTEXT 03 - if (mechListMIC != null) { - if (DEBUG) { - System.out.println("SpNegoToken NegTokenTarg: " + - "sending MechListMIC"); - } - DerOutputStream mic = new DerOutputStream(); - mic.putOctetString(mechListMIC); - targToken.write(DerValue.createTag(DerValue.TAG_CONTEXT, - true, (byte) 0x03), mic); - } - - // insert in a SEQUENCE - DerOutputStream out = new DerOutputStream(); - out.write(DerValue.tag_Sequence, targToken); - - return out.toByteArray(); - - } catch (IOException e) { - throw new GSSException(GSSException.DEFECTIVE_TOKEN, -1, - "Invalid SPNEGO NegTokenTarg token : " + e.getMessage()); + true, (byte) 0x01), mech); } + + // response Token with CONTEXT 02 + if (responseToken != null) { + DerOutputStream rspToken = new DerOutputStream(); + rspToken.putOctetString(responseToken); + targToken.write(DerValue.createTag(DerValue.TAG_CONTEXT, + true, (byte) 0x02), rspToken); + } + + // mechListMIC with CONTEXT 03 + if (mechListMIC != null) { + if (DEBUG) { + System.out.println("SpNegoToken NegTokenTarg: " + + "sending MechListMIC"); + } + DerOutputStream mic = new DerOutputStream(); + mic.putOctetString(mechListMIC); + targToken.write(DerValue.createTag(DerValue.TAG_CONTEXT, + true, (byte) 0x03), mic); + } + + // insert in a SEQUENCE + DerOutputStream out = new DerOutputStream(); + out.write(DerValue.tag_Sequence, targToken); + + return out.toByteArray(); } private void parseToken(byte[] in) throws GSSException { diff --git a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11ECKeyFactory.java b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11ECKeyFactory.java index 0f3a8af3cb8..0b99abb3b41 100644 --- a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11ECKeyFactory.java +++ b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11ECKeyFactory.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2006, 2021, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2006, 2022, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -230,14 +230,9 @@ final class P11ECKeyFactory extends P11KeyFactory { // Check whether the X9.63 encoding of an EC point shall be wrapped // in an ASN.1 OCTET STRING if (!token.config.getUseEcX963Encoding()) { - try { - encodedPoint = + encodedPoint = new DerValue(DerValue.tag_OctetString, encodedPoint) - .toByteArray(); - } catch (IOException e) { - throw new - IllegalArgumentException("Could not DER encode point", e); - } + .toByteArray(); } CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] { diff --git a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Key.java b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Key.java index cae28a06d7b..4dd15d44128 100644 --- a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Key.java +++ b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Key.java @@ -801,13 +801,9 @@ abstract class P11Key implements Key, Length { token.ensureValid(); if (encoded == null) { fetchValues(); - try { - Key key = new sun.security.provider.DSAPublicKey - (y, params.getP(), params.getQ(), params.getG()); - encoded = key.getEncoded(); - } catch (InvalidKeyException e) { - throw new ProviderException(e); - } + Key key = new sun.security.provider.DSAPublicKey + (y, params.getP(), params.getQ(), params.getG()); + encoded = key.getEncoded(); } return encoded; } diff --git a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Signature.java b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Signature.java index 9a2862b5e3d..5efe675f79d 100644 --- a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Signature.java +++ b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Signature.java @@ -765,11 +765,7 @@ final class P11Signature extends SignatureSpi { } private byte[] encodeSignature(byte[] digest) throws SignatureException { - try { - return RSAUtil.encodeSignature(digestOID, digest); - } catch (IOException e) { - throw new SignatureException("Invalid encoding", e); - } + return RSAUtil.encodeSignature(digestOID, digest); } private static KnownOIDs getDigestEnum(String algorithm) @@ -802,16 +798,12 @@ final class P11Signature extends SignatureSpi { int n = signature.length >> 1; BigInteger r = new BigInteger(1, P11Util.subarray(signature, 0, n)); BigInteger s = new BigInteger(1, P11Util.subarray(signature, n, n)); - try { - DerOutputStream outseq = new DerOutputStream(100); - outseq.putInteger(r); - outseq.putInteger(s); - DerValue result = new DerValue(DerValue.tag_Sequence, - outseq.toByteArray()); - return result.toByteArray(); - } catch (IOException e) { - throw new RuntimeException("Internal error", e); - } + DerOutputStream outseq = new DerOutputStream(100); + outseq.putInteger(r); + outseq.putInteger(s); + DerValue result = new DerValue(DerValue.tag_Sequence, + outseq.toByteArray()); + return result.toByteArray(); } private static byte[] asn1ToDSA(byte[] sig, int sigLen) diff --git a/src/jdk.crypto.ec/share/classes/sun/security/ec/ECPrivateKeyImpl.java b/src/jdk.crypto.ec/share/classes/sun/security/ec/ECPrivateKeyImpl.java index f227f1b96b8..e984f8c9523 100644 --- a/src/jdk.crypto.ec/share/classes/sun/security/ec/ECPrivateKeyImpl.java +++ b/src/jdk.crypto.ec/share/classes/sun/security/ec/ECPrivateKeyImpl.java @@ -98,47 +98,38 @@ public final class ECPrivateKeyImpl extends PKCS8Key implements ECPrivateKey { private void makeEncoding(byte[] s) throws InvalidKeyException { algid = new AlgorithmId - (AlgorithmId.EC_oid, ECParameters.getAlgorithmParameters(params)); - try { - DerOutputStream out = new DerOutputStream(); - out.putInteger(1); // version 1 - byte[] privBytes = s.clone(); - ArrayUtil.reverse(privBytes); - out.putOctetString(privBytes); - Arrays.fill(privBytes, (byte)0); - DerValue val = DerValue.wrap(DerValue.tag_Sequence, out); - key = val.toByteArray(); - val.clear(); - } catch (IOException exc) { - // should never occur - throw new InvalidKeyException(exc); - } + (AlgorithmId.EC_oid, ECParameters.getAlgorithmParameters(params)); + DerOutputStream out = new DerOutputStream(); + out.putInteger(1); // version 1 + byte[] privBytes = s.clone(); + ArrayUtil.reverse(privBytes); + out.putOctetString(privBytes); + Arrays.fill(privBytes, (byte) 0); + DerValue val = DerValue.wrap(DerValue.tag_Sequence, out); + key = val.toByteArray(); + val.clear(); } private void makeEncoding(BigInteger s) throws InvalidKeyException { algid = new AlgorithmId(AlgorithmId.EC_oid, ECParameters.getAlgorithmParameters(params)); - try { - byte[] sArr = s.toByteArray(); - // convert to fixed-length array - int numOctets = (params.getOrder().bitLength() + 7) / 8; - byte[] sOctets = new byte[numOctets]; - int inPos = Math.max(sArr.length - sOctets.length, 0); - int outPos = Math.max(sOctets.length - sArr.length, 0); - int length = Math.min(sArr.length, sOctets.length); - System.arraycopy(sArr, inPos, sOctets, outPos, length); - Arrays.fill(sArr, (byte)0); + byte[] sArr = s.toByteArray(); + // convert to fixed-length array + int numOctets = (params.getOrder().bitLength() + 7) / 8; + byte[] sOctets = new byte[numOctets]; + int inPos = Math.max(sArr.length - sOctets.length, 0); + int outPos = Math.max(sOctets.length - sArr.length, 0); + int length = Math.min(sArr.length, sOctets.length); + System.arraycopy(sArr, inPos, sOctets, outPos, length); + Arrays.fill(sArr, (byte) 0); - DerOutputStream out = new DerOutputStream(); - out.putInteger(1); // version 1 - out.putOctetString(sOctets); - Arrays.fill(sOctets, (byte)0); - DerValue val = DerValue.wrap(DerValue.tag_Sequence, out); - key = val.toByteArray(); - val.clear(); - } catch (IOException exc) { - throw new AssertionError("Should not happen", exc); - } + DerOutputStream out = new DerOutputStream(); + out.putInteger(1); // version 1 + out.putOctetString(sOctets); + Arrays.fill(sOctets, (byte) 0); + DerValue val = DerValue.wrap(DerValue.tag_Sequence, out); + key = val.toByteArray(); + val.clear(); } // see JCA doc diff --git a/src/jdk.crypto.ec/share/classes/sun/security/ec/XDHPrivateKeyImpl.java b/src/jdk.crypto.ec/share/classes/sun/security/ec/XDHPrivateKeyImpl.java index 50802c60eb2..c5893080b58 100644 --- a/src/jdk.crypto.ec/share/classes/sun/security/ec/XDHPrivateKeyImpl.java +++ b/src/jdk.crypto.ec/share/classes/sun/security/ec/XDHPrivateKeyImpl.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2018, 2021, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2018, 2022, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -54,8 +54,6 @@ public final class XDHPrivateKeyImpl extends PKCS8Key implements XECPrivateKey { DerValue val = new DerValue(DerValue.tag_OctetString, k); try { this.key = val.toByteArray(); - } catch (IOException ex) { - throw new AssertionError("Should not happen", ex); } finally { val.clear(); } diff --git a/src/jdk.crypto.ec/share/classes/sun/security/ec/ed/EdDSAPrivateKeyImpl.java b/src/jdk.crypto.ec/share/classes/sun/security/ec/ed/EdDSAPrivateKeyImpl.java index bf04bf73758..4adea3f857d 100644 --- a/src/jdk.crypto.ec/share/classes/sun/security/ec/ed/EdDSAPrivateKeyImpl.java +++ b/src/jdk.crypto.ec/share/classes/sun/security/ec/ed/EdDSAPrivateKeyImpl.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2020, 2021, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2020, 2022, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -27,7 +27,6 @@ package sun.security.ec.ed; import java.io.IOException; import java.security.InvalidKeyException; -import java.security.ProviderException; import java.security.interfaces.EdECPrivateKey; import java.util.Optional; import java.security.spec.NamedParameterSpec; @@ -55,8 +54,6 @@ public final class EdDSAPrivateKeyImpl DerValue val = new DerValue(DerValue.tag_OctetString, h); try { this.key = val.toByteArray(); - } catch (IOException ex) { - throw new AssertionError("Should not happen", ex); } finally { val.clear(); } diff --git a/test/langtools/tools/jdeps/jdkinternals/src/q/NoRepl.java b/test/langtools/tools/jdeps/jdkinternals/src/q/NoRepl.java index e5d4cedea8a..31c9b22f030 100644 --- a/test/langtools/tools/jdeps/jdkinternals/src/q/NoRepl.java +++ b/test/langtools/tools/jdeps/jdkinternals/src/q/NoRepl.java @@ -23,13 +23,12 @@ package q; -import java.io.IOException; import sun.security.util.DerEncoder; import sun.security.util.DerOutputStream; public class NoRepl implements DerEncoder { @Override - public void encode(DerOutputStream out) throws IOException { - throw new IOException(); + public void encode(DerOutputStream out) { + throw new RuntimeException(); } } diff --git a/test/lib/jdk/test/lib/security/timestamp/TsaSigner.java b/test/lib/jdk/test/lib/security/timestamp/TsaSigner.java index d0238e1aa5d..2d18cf768c8 100644 --- a/test/lib/jdk/test/lib/security/timestamp/TsaSigner.java +++ b/test/lib/jdk/test/lib/security/timestamp/TsaSigner.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2020, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2020, 2022, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -228,7 +228,7 @@ public class TsaSigner { PKCS7 p7 = new PKCS7(new AlgorithmId[] { digestAlgoId }, eContentInfo, signerCertChain, new SignerInfo[] { signerInfo }); - ByteArrayOutputStream signedDataOut = new ByteArrayOutputStream(); + DerOutputStream signedDataOut = new DerOutputStream(); p7.encodeSignedData(signedDataOut); byte[] signedData = signedDataOut.toByteArray(); debug("Signed data", signedData);