diff --git a/build.xml b/build.xml index c395603c..0b60dabb 100644 --- a/build.xml +++ b/build.xml @@ -297,6 +297,7 @@ classpathref="classpath" includeantruntime="false"> + diff --git a/src/java/com/wolfssl/WolfCryptEccKey.java b/src/java/com/wolfssl/WolfCryptEccKey.java index 16d10c95..7d55572d 100644 --- a/src/java/com/wolfssl/WolfCryptEccKey.java +++ b/src/java/com/wolfssl/WolfCryptEccKey.java @@ -110,7 +110,7 @@ public byte[] getPrivateKeyPKCS8() { return EccPrivateKeyToPKCS8(getEccKeyPtr()); } - @SuppressWarnings("deprecation") + @SuppressWarnings({"deprecation", "removal"}) @Override protected void finalize() throws Throwable { diff --git a/src/java/com/wolfssl/WolfSSL.java b/src/java/com/wolfssl/WolfSSL.java index b9ab4218..e89c14ba 100644 --- a/src/java/com/wolfssl/WolfSSL.java +++ b/src/java/com/wolfssl/WolfSSL.java @@ -2024,7 +2024,7 @@ protected static int getNamedGroupFromString(String curveName) { } } - @SuppressWarnings("deprecation") + @SuppressWarnings({"deprecation", "removal"}) @Override protected void finalize() throws Throwable { diff --git a/src/java/com/wolfssl/WolfSSLCRL.java b/src/java/com/wolfssl/WolfSSLCRL.java index 4222ff2a..caba01c1 100644 --- a/src/java/com/wolfssl/WolfSSLCRL.java +++ b/src/java/com/wolfssl/WolfSSLCRL.java @@ -880,7 +880,7 @@ public synchronized void free() { } } - @SuppressWarnings("deprecation") + @SuppressWarnings({"deprecation", "removal"}) @Override protected void finalize() throws Throwable { this.free(); diff --git a/src/java/com/wolfssl/WolfSSLCertManager.java b/src/java/com/wolfssl/WolfSSLCertManager.java index 2fa1b2fa..57c40864 100644 --- a/src/java/com/wolfssl/WolfSSLCertManager.java +++ b/src/java/com/wolfssl/WolfSSLCertManager.java @@ -335,7 +335,7 @@ public synchronized void free() throws IllegalStateException { } } - @SuppressWarnings("deprecation") + @SuppressWarnings({"deprecation", "removal"}) @Override protected void finalize() throws Throwable { diff --git a/src/java/com/wolfssl/WolfSSLCertRequest.java b/src/java/com/wolfssl/WolfSSLCertRequest.java index 351e3343..30cd1c0c 100644 --- a/src/java/com/wolfssl/WolfSSLCertRequest.java +++ b/src/java/com/wolfssl/WolfSSLCertRequest.java @@ -853,7 +853,7 @@ public synchronized void free() { } } - @SuppressWarnings("deprecation") + @SuppressWarnings({"deprecation", "removal"}) @Override protected void finalize() throws Throwable { diff --git a/src/java/com/wolfssl/WolfSSLCertificate.java b/src/java/com/wolfssl/WolfSSLCertificate.java index 7e4fee30..9c9cfa2a 100644 --- a/src/java/com/wolfssl/WolfSSLCertificate.java +++ b/src/java/com/wolfssl/WolfSSLCertificate.java @@ -2624,7 +2624,7 @@ public synchronized void free() { } } - @SuppressWarnings("deprecation") + @SuppressWarnings({"deprecation", "removal"}) @Override protected void finalize() throws Throwable { diff --git a/src/java/com/wolfssl/WolfSSLContext.java b/src/java/com/wolfssl/WolfSSLContext.java index 9a50d940..8cb15178 100644 --- a/src/java/com/wolfssl/WolfSSLContext.java +++ b/src/java/com/wolfssl/WolfSSLContext.java @@ -2546,7 +2546,7 @@ WolfSSLDebug.INFO, getContextPtr(), flushSessions(getContextPtr(), tm); } - @SuppressWarnings("deprecation") + @SuppressWarnings({"deprecation", "removal"}) @Override protected void finalize() throws Throwable { diff --git a/src/java/com/wolfssl/WolfSSLDebug.java b/src/java/com/wolfssl/WolfSSLDebug.java index f3e7dde9..d8462ca5 100644 --- a/src/java/com/wolfssl/WolfSSLDebug.java +++ b/src/java/com/wolfssl/WolfSSLDebug.java @@ -213,6 +213,7 @@ public String format(LogRecord record) { Level level = record.getLevel(); String levelStr = (level != null) ? level.toString() : "UNKNOWN"; + @SuppressWarnings("deprecation") long threadId = record.getThreadID(); String message = record.getMessage(); if (message == null) { @@ -233,6 +234,7 @@ public String format(LogRecord record) { * JSON formatter for wolfSSL logs */ private static class JSONFormatter extends Formatter { + @SuppressWarnings("deprecation") @Override public String format(LogRecord record) { if (record == null) { diff --git a/src/java/com/wolfssl/WolfSSLNameConstraints.java b/src/java/com/wolfssl/WolfSSLNameConstraints.java index ac428894..639ebde1 100644 --- a/src/java/com/wolfssl/WolfSSLNameConstraints.java +++ b/src/java/com/wolfssl/WolfSSLNameConstraints.java @@ -239,7 +239,7 @@ public void free() { } @Override - @SuppressWarnings("deprecation") + @SuppressWarnings({"deprecation", "removal"}) protected void finalize() throws Throwable { try { free(); diff --git a/src/java/com/wolfssl/WolfSSLNativeLoggingCallback.java b/src/java/com/wolfssl/WolfSSLNativeLoggingCallback.java index b6f90e58..53d4ba83 100644 --- a/src/java/com/wolfssl/WolfSSLNativeLoggingCallback.java +++ b/src/java/com/wolfssl/WolfSSLNativeLoggingCallback.java @@ -33,6 +33,7 @@ */ class WolfSSLNativeLoggingCallback implements WolfSSLLoggingCallback { + @SuppressWarnings("deprecation") public synchronized void loggingCallback(int logLevel, String logMessage) { System.err.println( diff --git a/src/java/com/wolfssl/WolfSSLSession.java b/src/java/com/wolfssl/WolfSSLSession.java index bb9ecb0e..476995fb 100644 --- a/src/java/com/wolfssl/WolfSSLSession.java +++ b/src/java/com/wolfssl/WolfSSLSession.java @@ -5910,7 +5910,7 @@ public synchronized long sessionFromDer(byte[] data) } } - @SuppressWarnings("deprecation") + @SuppressWarnings({"deprecation", "removal"}) @Override protected void finalize() throws Throwable { diff --git a/src/java/com/wolfssl/WolfSSLX509Name.java b/src/java/com/wolfssl/WolfSSLX509Name.java index 7f37c4c4..9563c3df 100644 --- a/src/java/com/wolfssl/WolfSSLX509Name.java +++ b/src/java/com/wolfssl/WolfSSLX509Name.java @@ -626,7 +626,7 @@ public synchronized void free() { } } - @SuppressWarnings("deprecation") + @SuppressWarnings({"deprecation", "removal"}) @Override protected void finalize() throws Throwable { diff --git a/src/java/com/wolfssl/provider/jsse/WolfSSLAuthStore.java b/src/java/com/wolfssl/provider/jsse/WolfSSLAuthStore.java index aa82f0cb..a139f9e5 100644 --- a/src/java/com/wolfssl/provider/jsse/WolfSSLAuthStore.java +++ b/src/java/com/wolfssl/provider/jsse/WolfSSLAuthStore.java @@ -789,7 +789,7 @@ protected boolean removeEldestEntry(Map.Entry oldest) { } } - @SuppressWarnings("deprecation") + @SuppressWarnings({"deprecation", "removal"}) @Override protected synchronized void finalize() throws Throwable { /* Clear LinkedHashMap and set to null to allow diff --git a/src/java/com/wolfssl/provider/jsse/WolfSSLContext.java b/src/java/com/wolfssl/provider/jsse/WolfSSLContext.java index b459d6e7..1a00639f 100644 --- a/src/java/com/wolfssl/provider/jsse/WolfSSLContext.java +++ b/src/java/com/wolfssl/provider/jsse/WolfSSLContext.java @@ -601,7 +601,7 @@ protected com.wolfssl.WolfSSLContext getInternalWolfSSLContext() { return this.ctx; } - @SuppressWarnings("deprecation") + @SuppressWarnings({"deprecation", "removal"}) @Override protected void finalize() throws Throwable { if (this.ctx != null) { diff --git a/src/java/com/wolfssl/provider/jsse/WolfSSLEngine.java b/src/java/com/wolfssl/provider/jsse/WolfSSLEngine.java index 31485143..be1aa670 100644 --- a/src/java/com/wolfssl/provider/jsse/WolfSSLEngine.java +++ b/src/java/com/wolfssl/provider/jsse/WolfSSLEngine.java @@ -2806,7 +2806,7 @@ public int sessionTicketCallback(WolfSSLSession ssl, byte[] ticket, } } - @SuppressWarnings("deprecation") + @SuppressWarnings({"deprecation", "removal"}) @Override protected synchronized void finalize() throws Throwable { if (this.ssl != null) { diff --git a/src/java/com/wolfssl/provider/jsse/WolfSSLEngineHelper.java b/src/java/com/wolfssl/provider/jsse/WolfSSLEngineHelper.java index aa248c80..df43bdbd 100644 --- a/src/java/com/wolfssl/provider/jsse/WolfSSLEngineHelper.java +++ b/src/java/com/wolfssl/provider/jsse/WolfSSLEngineHelper.java @@ -1971,7 +1971,7 @@ protected synchronized void clearObjectState() { this.authStore = null; } - @SuppressWarnings("deprecation") + @SuppressWarnings({"deprecation", "removal"}) @Override protected synchronized void finalize() throws Throwable { diff --git a/src/java/com/wolfssl/provider/jsse/WolfSSLImplementSSLSession.java b/src/java/com/wolfssl/provider/jsse/WolfSSLImplementSSLSession.java index 58c2998a..9718c78c 100644 --- a/src/java/com/wolfssl/provider/jsse/WolfSSLImplementSSLSession.java +++ b/src/java/com/wolfssl/provider/jsse/WolfSSLImplementSSLSession.java @@ -622,6 +622,7 @@ public Certificate[] getLocalCertificates() { return km.getCertificateChain(authStore.getCertAlias()); } + @SuppressWarnings("removal") @Override public synchronized javax.security.cert.X509Certificate[] getPeerCertificateChain() throws SSLPeerUnverifiedException { @@ -1181,7 +1182,7 @@ public synchronized List getRequestedServerNames() return Collections.emptyList(); } - @SuppressWarnings("deprecation") + @SuppressWarnings({"deprecation", "removal"}) @Override protected synchronized void finalize() throws Throwable { diff --git a/src/java/com/wolfssl/provider/jsse/WolfSSLInternalVerifyCb.java b/src/java/com/wolfssl/provider/jsse/WolfSSLInternalVerifyCb.java index fdd13f41..f09f9a96 100644 --- a/src/java/com/wolfssl/provider/jsse/WolfSSLInternalVerifyCb.java +++ b/src/java/com/wolfssl/provider/jsse/WolfSSLInternalVerifyCb.java @@ -446,6 +446,7 @@ else if (eng != null) { * SSL/TLS handshake should continue. Otherwise return 0 * to mark verification failure and stop/abort handshake. */ + @SuppressWarnings("deprecation") public int verifyCallback(int preverify_ok, long x509StorePtr) { WolfSSLCertificate[] certs = null; diff --git a/src/java/com/wolfssl/provider/jsse/WolfSSLKeyX509.java b/src/java/com/wolfssl/provider/jsse/WolfSSLKeyX509.java index 33f6860e..9e997ace 100644 --- a/src/java/com/wolfssl/provider/jsse/WolfSSLKeyX509.java +++ b/src/java/com/wolfssl/provider/jsse/WolfSSLKeyX509.java @@ -22,7 +22,6 @@ package com.wolfssl.provider.jsse; import java.net.Socket; -import java.security.AccessController; import java.security.KeyStore; import java.security.KeyStoreException; import java.security.Principal; @@ -90,9 +89,11 @@ public WolfSSLKeyX509(KeyStore store, char[] password) () -> "creating new WolfSSLKeyX509 object"); /* Check Security property once at construction time. - * Use doPrivileged for SecurityManager compatibility. */ + * Use doPrivileged for SecurityManager compatibility. + * AccessController used via FQN to avoid import-line removal + * warning on JDK 17+. */ @SuppressWarnings("removal") - String disableCacheValue = AccessController.doPrivileged( + String disableCacheValue = java.security.AccessController.doPrivileged( new PrivilegedAction() { public String run() { return Security.getProperty(DISABLE_CACHE_PROPERTY); @@ -215,6 +216,7 @@ private void populateCache(KeyStore store, char[] password) * null - if no alias matches found in KeyStore. * String[] - aliases, if found that match type and/or issuers */ + @SuppressWarnings("deprecation") private String[] getAliasesFromKeyStore(String type, Principal[] issuers) throws KeyStoreException { @@ -286,6 +288,7 @@ private String[] getAliasesFromKeyStore(String type, Principal[] issuers) * null - if no alias matches found. * String[] - aliases, if found that match type and/or issuers */ + @SuppressWarnings("deprecation") private String[] getAliases(String type, Principal[] issuers) { /* Check if caching is disabled, use direct KeyStore access */ @@ -555,6 +558,7 @@ public PrivateKey getPrivateKey(String alias) { /** * Clear sensitive data when object is garbage collected */ + @SuppressWarnings({"deprecation", "removal"}) @Override protected void finalize() throws Throwable { try { diff --git a/src/java/com/wolfssl/provider/jsse/WolfSSLParametersHelper.java b/src/java/com/wolfssl/provider/jsse/WolfSSLParametersHelper.java index e8103aa5..a81c34de 100644 --- a/src/java/com/wolfssl/provider/jsse/WolfSSLParametersHelper.java +++ b/src/java/com/wolfssl/provider/jsse/WolfSSLParametersHelper.java @@ -22,7 +22,6 @@ import java.lang.reflect.Method; import java.lang.reflect.InvocationTargetException; -import java.security.AccessController; import java.security.PrivilegedAction; import javax.net.ssl.SSLParameters; import com.wolfssl.provider.jsse.WolfSSLJDK8Helper; @@ -53,7 +52,16 @@ public WolfSSLParametersHelper() { } * has SSLParameters methods that older versions may not have */ static { - AccessController.doPrivileged(new PrivilegedAction() { + detectSSLParametersMethods(); + } + + /* AccessController used via FQN to avoid import-line removal + * warning on JDK 17+. */ + @SuppressWarnings("removal") + private static void detectSSLParametersMethods() + { + java.security.AccessController + .doPrivileged(new PrivilegedAction() { public Object run() { Class c = SSLParameters.class; Method[] methods = c.getDeclaredMethods(); diff --git a/src/java/com/wolfssl/provider/jsse/WolfSSLProvider.java b/src/java/com/wolfssl/provider/jsse/WolfSSLProvider.java index 29234337..beab9e0a 100644 --- a/src/java/com/wolfssl/provider/jsse/WolfSSLProvider.java +++ b/src/java/com/wolfssl/provider/jsse/WolfSSLProvider.java @@ -75,6 +75,7 @@ public void errorCallback(int ok, int err, String hash) { /** * wolfSSL JSSE Provider class */ + @SuppressWarnings("deprecation") public WolfSSLProvider() { super("wolfJSSE", 1.17, "wolfSSL JSSE Provider"); /* super("wolfJSSE", "1.17", "wolfSSL JSSE Provider"); */ diff --git a/src/java/com/wolfssl/provider/jsse/WolfSSLSocket.java b/src/java/com/wolfssl/provider/jsse/WolfSSLSocket.java index f009337f..74ba16c2 100644 --- a/src/java/com/wolfssl/provider/jsse/WolfSSLSocket.java +++ b/src/java/com/wolfssl/provider/jsse/WolfSSLSocket.java @@ -1514,6 +1514,7 @@ public synchronized void removeHandshakeCompletedListener( * * @throws IOException if a network error occurs */ + @SuppressWarnings("deprecation") @Override public synchronized void startHandshake() throws IOException { int ret; @@ -2319,7 +2320,7 @@ public synchronized void connect(SocketAddress endpoint, int timeout) } } - @SuppressWarnings("deprecation") + @SuppressWarnings({"deprecation", "removal"}) @Override protected synchronized void finalize() throws Throwable { if (this.ssl != null) { diff --git a/src/java/com/wolfssl/provider/jsse/WolfSSLTrustX509.java b/src/java/com/wolfssl/provider/jsse/WolfSSLTrustX509.java index d080c1f2..dcdaecd3 100644 --- a/src/java/com/wolfssl/provider/jsse/WolfSSLTrustX509.java +++ b/src/java/com/wolfssl/provider/jsse/WolfSSLTrustX509.java @@ -1339,7 +1339,7 @@ public X509Certificate[] getAcceptedIssuers() { } } - @SuppressWarnings("deprecation") + @SuppressWarnings({"deprecation", "removal"}) @Override protected void finalize() throws Throwable { this.store = null; diff --git a/src/java/com/wolfssl/provider/jsse/WolfSSLX509.java b/src/java/com/wolfssl/provider/jsse/WolfSSLX509.java index 2da3507b..2652872f 100644 --- a/src/java/com/wolfssl/provider/jsse/WolfSSLX509.java +++ b/src/java/com/wolfssl/provider/jsse/WolfSSLX509.java @@ -181,6 +181,7 @@ public BigInteger getSerialNumber() { return this.cert.getSerial(); } + @SuppressWarnings("deprecation") @Override public Principal getIssuerDN() { @@ -194,6 +195,7 @@ public Principal getIssuerDN() { return new WolfSSLPrincipal(name); } + @SuppressWarnings("deprecation") @Override public Principal getSubjectDN() { @@ -678,7 +680,7 @@ public byte[] getExtensionValue(String oid) { } - @SuppressWarnings("removal") + @SuppressWarnings({"deprecation", "removal"}) @Override protected void finalize() throws Throwable { try { diff --git a/src/java/com/wolfssl/provider/jsse/WolfSSLX509X.java b/src/java/com/wolfssl/provider/jsse/WolfSSLX509X.java index 4c31c1f9..4270c167 100644 --- a/src/java/com/wolfssl/provider/jsse/WolfSSLX509X.java +++ b/src/java/com/wolfssl/provider/jsse/WolfSSLX509X.java @@ -40,7 +40,7 @@ * * @author wolfSSL */ -@SuppressWarnings("deprecation") +@SuppressWarnings({"deprecation", "removal"}) public class WolfSSLX509X extends X509Certificate { WolfSSLX509 cert; diff --git a/src/java/com/wolfssl/provider/jsse/adapter/WolfSSLJDK8Helper.java b/src/java/com/wolfssl/provider/jsse/adapter/WolfSSLJDK8Helper.java index 882d90df..25aea4cb 100644 --- a/src/java/com/wolfssl/provider/jsse/adapter/WolfSSLJDK8Helper.java +++ b/src/java/com/wolfssl/provider/jsse/adapter/WolfSSLJDK8Helper.java @@ -24,7 +24,6 @@ import java.util.ArrayList; import java.lang.reflect.Method; import java.lang.reflect.InvocationTargetException; -import java.security.AccessController; import java.security.PrivilegedAction; import javax.net.ssl.SSLParameters; import javax.net.ssl.SNIServerName; @@ -52,6 +51,7 @@ public WolfSSLJDK8Helper() { } * @param m Java method to call to set SNI server names * @param in WolfSSLParameters to set SNI names from */ + @SuppressWarnings("removal") protected static void setServerNames(final SSLParameters out, final Method m, WolfSSLParameters in) { @@ -69,8 +69,11 @@ protected static void setServerNames(final SSLParameters out, sni.add(new SNIHostName(name.getEncoded())); } - /* call SSLParameters.setServerName() */ - AccessController.doPrivileged(new PrivilegedAction() { + /* call SSLParameters.setServerNames(). + * AccessController used via FQN to avoid import-line removal + * warning on JDK 17+. */ + java.security.AccessController + .doPrivileged(new PrivilegedAction() { public Object run() { try { m.invoke(out, sni); @@ -122,6 +125,7 @@ protected static void getServerNames(final SSLParameters in, * @param m method to invoke to set protocols * @param in input WolfSSLParameters to read ALPN protocols from */ + @SuppressWarnings("removal") protected static void setApplicationProtocols(final SSLParameters out, final Method m, WolfSSLParameters in) { @@ -134,7 +138,8 @@ protected static void setApplicationProtocols(final SSLParameters out, final Object[] appProtoArr = {appProtos}; if (appProtos != null) { /* call SSLParameters.setApplicationProtocols() */ - AccessController.doPrivileged(new PrivilegedAction() { + java.security.AccessController + .doPrivileged(new PrivilegedAction() { public Object run() { try { m.invoke(out, appProtoArr); @@ -190,6 +195,7 @@ protected static void getApplicationProtocols(final SSLParameters in, * @param m method to invoke to set endpoint ID algo * @param in input WolfSSLParameters to read endpoint ID algo from */ + @SuppressWarnings("removal") protected static void setEndpointIdentificationAlgorithm( final SSLParameters out, final Method m, WolfSSLParameters in) { @@ -202,7 +208,8 @@ protected static void setEndpointIdentificationAlgorithm( final String idAlgo = in.getEndpointIdentificationAlgorithm(); if (idAlgo != null) { /* call SSLParameters.setEndpointIdentificationAlgorithm() */ - AccessController.doPrivileged(new PrivilegedAction() { + java.security.AccessController + .doPrivileged(new PrivilegedAction() { public Object run() { try { m.invoke(out, idAlgo); diff --git a/src/test/com/wolfssl/provider/jsse/test/WolfSSLEngineMemoryLeakTest.java b/src/test/com/wolfssl/provider/jsse/test/WolfSSLEngineMemoryLeakTest.java index 6794632f..dc2cf99c 100644 --- a/src/test/com/wolfssl/provider/jsse/test/WolfSSLEngineMemoryLeakTest.java +++ b/src/test/com/wolfssl/provider/jsse/test/WolfSSLEngineMemoryLeakTest.java @@ -82,6 +82,7 @@ public static void setupProvider() { * The test will fail if JNI global references prevent garbage collection. */ @Test + @SuppressWarnings("removal") public void testEngineMemoryLeakWithAbandonedEngines() throws Exception { /* Skip on Android due to performance and timeout issues */ diff --git a/src/test/com/wolfssl/provider/jsse/test/WolfSSLEngineTest.java b/src/test/com/wolfssl/provider/jsse/test/WolfSSLEngineTest.java index f6a2ceea..ff870199 100644 --- a/src/test/com/wolfssl/provider/jsse/test/WolfSSLEngineTest.java +++ b/src/test/com/wolfssl/provider/jsse/test/WolfSSLEngineTest.java @@ -2489,6 +2489,7 @@ private ByteBuffer enlargeBuffer(ByteBuffer buffer, int size) { * when no client auth requested, matching SunJSSE/Netty expectations. */ @Test + @SuppressWarnings("removal") public void testGetPeerCertificateChainNoClientAuth() throws Exception { String protocol = null; diff --git a/src/test/com/wolfssl/provider/jsse/test/WolfSSLSessionTest.java b/src/test/com/wolfssl/provider/jsse/test/WolfSSLSessionTest.java index 4ae17c55..5567a1e2 100644 --- a/src/test/com/wolfssl/provider/jsse/test/WolfSSLSessionTest.java +++ b/src/test/com/wolfssl/provider/jsse/test/WolfSSLSessionTest.java @@ -92,6 +92,7 @@ public static void testProviderInstallationAtRuntime() @Test + @SuppressWarnings("removal") public void testSessionTimeAndCerts() throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, CertificateException, IOException, @@ -148,6 +149,7 @@ public void testSessionTimeAndCerts() } @Test + @SuppressWarnings("removal") public void testNullSession() throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, CertificateException, IOException, diff --git a/src/test/com/wolfssl/provider/jsse/test/WolfSSLX509Test.java b/src/test/com/wolfssl/provider/jsse/test/WolfSSLX509Test.java index 9450bb5f..3fa0e377 100644 --- a/src/test/com/wolfssl/provider/jsse/test/WolfSSLX509Test.java +++ b/src/test/com/wolfssl/provider/jsse/test/WolfSSLX509Test.java @@ -73,6 +73,7 @@ import com.wolfssl.provider.jsse.WolfSSLX509X; import com.wolfssl.test.TimedTestWatcher; +@SuppressWarnings("removal") public class WolfSSLX509Test { @Rule