diff --git a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/Config.java b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/Config.java index 70e69d9b877..3a1bb807263 100644 --- a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/Config.java +++ b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/Config.java @@ -88,7 +88,7 @@ final class Config { private static final boolean DEBUG = false; // file name containing this configuration - private String filename; + private final String filename; // Reader and StringTokenizer used during parsing private Reader reader; diff --git a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11AEADCipher.java b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11AEADCipher.java index 7a91d17e74c..d8477217947 100644 --- a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11AEADCipher.java +++ b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11AEADCipher.java @@ -110,9 +110,9 @@ final class P11AEADCipher extends CipherSpi { private SecureRandom random = JCAUtil.getSecureRandom(); // dataBuffer is cleared upon doFinal calls - private ByteArrayOutputStream dataBuffer = new ByteArrayOutputStream(); + private final ByteArrayOutputStream dataBuffer = new ByteArrayOutputStream(); // aadBuffer is cleared upon successful init calls - private ByteArrayOutputStream aadBuffer = new ByteArrayOutputStream(); + private final ByteArrayOutputStream aadBuffer = new ByteArrayOutputStream(); private boolean updateCalled = false; private boolean requireReinit = false; diff --git a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Key.java b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Key.java index af6fbeba48a..bd2d6e81311 100644 --- a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Key.java +++ b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Key.java @@ -1321,7 +1321,7 @@ final class NativeKeyHolder { private long keyID; // phantom reference notification clean up for session keys - private SessionKeyRef ref; + private final SessionKeyRef ref; private int refCount; diff --git a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11KeyWrapCipher.java b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11KeyWrapCipher.java index cdd01d6f5fc..75b28d3eaab 100644 --- a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11KeyWrapCipher.java +++ b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11KeyWrapCipher.java @@ -117,7 +117,7 @@ final class P11KeyWrapCipher extends CipherSpi { private SecureRandom random = JCAUtil.getSecureRandom(); // dataBuffer for storing enc/dec data; cleared upon doFinal calls - private ByteArrayOutputStream dataBuffer = new ByteArrayOutputStream(); + private final ByteArrayOutputStream dataBuffer = new ByteArrayOutputStream(); P11KeyWrapCipher(Token token, String algorithm, long mechanism) throws PKCS11Exception, NoSuchAlgorithmException { diff --git a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11RSACipher.java b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11RSACipher.java index f2c791cb3ef..626f3c3c008 100644 --- a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11RSACipher.java +++ b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11RSACipher.java @@ -625,7 +625,7 @@ final class ConstructKeys { * * @return a public key constructed from the encodedKey. */ - private static final PublicKey constructPublicKey(byte[] encodedKey, + private static PublicKey constructPublicKey(byte[] encodedKey, String encodedKeyAlgorithm) throws InvalidKeyException, NoSuchAlgorithmException { try { @@ -652,7 +652,7 @@ final class ConstructKeys { * * @return a private key constructed from the encodedKey. */ - private static final PrivateKey constructPrivateKey(byte[] encodedKey, + private static PrivateKey constructPrivateKey(byte[] encodedKey, String encodedKeyAlgorithm) throws InvalidKeyException, NoSuchAlgorithmException { try { @@ -679,12 +679,12 @@ final class ConstructKeys { * * @return a secret key constructed from the encodedKey. */ - private static final SecretKey constructSecretKey(byte[] encodedKey, + private static SecretKey constructSecretKey(byte[] encodedKey, String encodedKeyAlgorithm) { return new SecretKeySpec(encodedKey, encodedKeyAlgorithm); } - static final Key constructKey(byte[] encoding, String keyAlgorithm, + static Key constructKey(byte[] encoding, String keyAlgorithm, int keyType) throws InvalidKeyException, NoSuchAlgorithmException { return switch (keyType) { case Cipher.SECRET_KEY -> constructSecretKey(encoding, keyAlgorithm); diff --git a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11TlsRsaPremasterSecretGenerator.java b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11TlsRsaPremasterSecretGenerator.java index 981a3761933..0442c36594d 100644 --- a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11TlsRsaPremasterSecretGenerator.java +++ b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11TlsRsaPremasterSecretGenerator.java @@ -55,7 +55,7 @@ final class P11TlsRsaPremasterSecretGenerator extends KeyGeneratorSpi { private final String algorithm; // mechanism id - private long mechanism; + private final long mechanism; @SuppressWarnings("deprecation") private TlsRsaPremasterSecretParameterSpec spec; diff --git a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Util.java b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Util.java index 67dd2dc33dd..5a3229653de 100644 --- a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Util.java +++ b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Util.java @@ -43,7 +43,7 @@ public final class P11Util { // A cleaner, shared within this module. public static final Cleaner cleaner = Cleaner.create(); - private static Object LOCK = new Object(); + private static final Object LOCK = new Object(); private static volatile Provider sun, sunRsaSign, sunJce; diff --git a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/Session.java b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/Session.java index 8035eac9a92..1ce66803639 100644 --- a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/Session.java +++ b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/Session.java @@ -135,7 +135,7 @@ final class Session implements Comparable { static boolean drainRefQueue() { boolean found = false; SessionRef next; - while ((next = (SessionRef) SessionRef.refQueue.poll())!= null) { + while ((next = (SessionRef) SessionRef.REF_QUEUE.poll())!= null) { found = true; next.dispose(); } @@ -150,24 +150,24 @@ final class Session implements Comparable { final class SessionRef extends PhantomReference implements Comparable { - static ReferenceQueue refQueue = new ReferenceQueue<>(); + static final ReferenceQueue REF_QUEUE = new ReferenceQueue<>(); - private static Set refList = + private static final Set REF_LIST = Collections.synchronizedSortedSet(new TreeSet<>()); // handle to the native session - private long id; - private Token token; + private final long id; + private final Token token; SessionRef(Session session, long id, Token token) { - super(session, refQueue); + super(session, REF_QUEUE); this.id = id; this.token = token; - refList.add(this); + REF_LIST.add(this); } void dispose() { - refList.remove(this); + REF_LIST.remove(this); try { if (token.isPresent(id)) { token.p11.C_CloseSession(id); diff --git a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/SessionManager.java b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/SessionManager.java index a9f81c0bdf6..49d95884e76 100644 --- a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/SessionManager.java +++ b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/SessionManager.java @@ -78,7 +78,7 @@ final class SessionManager { private final int maxSessions; // total number of active sessions - private AtomicInteger activeSessions = new AtomicInteger(); + private final AtomicInteger activeSessions = new AtomicInteger(); // pool of available object sessions private final Pool objSessions; @@ -88,7 +88,7 @@ final class SessionManager { // maximum number of active sessions during this invocation, for debugging private int maxActiveSessions; - private Object maxActiveSessionsLock; + private final Object maxActiveSessionsLock; // flags to use in the C_OpenSession() call private final long openSessionFlags; @@ -112,9 +112,9 @@ final class SessionManager { this.token = token; this.objSessions = new Pool(this, true); this.opSessions = new Pool(this, false); - if (debug != null) { - maxActiveSessionsLock = new Object(); - } + this.maxActiveSessionsLock = (debug != null) + ? new Object() + : null; } // returns whether only a fairly low number of sessions are diff --git a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/Token.java b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/Token.java index 6ffee7ea2a0..3378409ca1c 100644 --- a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/Token.java +++ b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/Token.java @@ -46,7 +46,7 @@ import static sun.security.pkcs11.wrapper.PKCS11Exception.RV.*; * @author Andreas Sterbenz * @since 1.5 */ -class Token implements Serializable { +final class Token implements Serializable { // need to be serializable to allow SecureRandom to be serialized @Serial