jdk Udiff src/java.base/share/classes/javax/crypto/JceSecurity.java

src/java.base/share/classes/javax/crypto/JceSecurity.java

rev 10700 : 8058845: Update JCE environment for build improvements
Reviewed-by: mullan, alanb, erikj, mchung, katleman

@@ -74,15 +74,13 @@
     }
 
     static {
         try {
             AccessController.doPrivileged(
-                new PrivilegedExceptionAction<Object>() {
-                    public Object run() throws Exception {
+                    (PrivilegedExceptionAction<Object>) () -> {
                         setupJurisdictionPolicies();
                         return null;
-                    }
                 });
 
             isRestricted = defaultPolicy.implies(
                 CryptoAllPermission.INSTANCE) ? false : true;
         } catch (Exception e) {

@@ -141,25 +139,25 @@
      * JAR file and returns the permissions bundled with the JAR.
      *
      * @throws Exception on error
      */
     static CryptoPermissions verifyExemptJar(URL codeBase) throws Exception {
-        JarVerifier jv = new JarVerifier(codeBase, true);
+        URLVerifier jv = new URLVerifier(codeBase, true);
         jv.verify();
         return jv.getPermissions();
     }
 
     /**
      * Verify if the JAR at URL codeBase is a signed provider JAR file.
      *
      * @throws Exception on error
      */
-    static void verifyProviderJar(URL codeBase) throws Exception {
+    static void verifyProviderJar(URL codeBase, Provider p) throws Exception {
         // Verify the provider JAR file and all
         // supporting JAR files if there are any.
-        JarVerifier jv = new JarVerifier(codeBase, false);
-        jv.verify();
+        URLVerifier uv = new URLVerifier(codeBase, p, false);
+        uv.verify();
     }
 
     private final static Object PROVIDER_VERIFIED = Boolean.TRUE;
 
     /*

@@ -181,11 +179,11 @@
             return new NoSuchProviderException("Recursion during verification");
         }
         try {
             verifyingProviders.put(p, Boolean.FALSE);
             URL providerURL = getCodeBase(p.getClass());
-            verifyProviderJar(providerURL);
+            verifyProviderJar(providerURL, p);
             // Verified ok, cache result
             verificationResults.put(p, PROVIDER_VERIFIED);
             return null;
         } catch (Exception e) {
             verificationResults.put(p, e);

@@ -220,21 +218,20 @@
      */
     static URL getCodeBase(final Class<?> clazz) {
         synchronized (codeBaseCacheRef) {
             URL url = codeBaseCacheRef.get(clazz);
             if (url == null) {
-                url = AccessController.doPrivileged(new PrivilegedAction<URL>() {
-                    public URL run() {
+                url = AccessController.doPrivileged(
+                        (PrivilegedAction<URL>) () -> {
                         ProtectionDomain pd = clazz.getProtectionDomain();
                         if (pd != null) {
                             CodeSource cs = pd.getCodeSource();
                             if (cs != null) {
                                 return cs.getLocation();
                             }
                         }
                         return NULL_URL;
-                    }
                 });
                 codeBaseCacheRef.put(clazz, url);
             }
             return (url == NULL_URL) ? null : url;
         }

@@ -313,11 +310,11 @@
             }
 
             // Enforce the signer restraint, i.e. signer of JCE framework
             // jar should also be the signer of the two jurisdiction policy
             // jar files.
-            JarVerifier.verifyPolicySigned(je.getCertificates());
+            URLVerifier.verifyPolicySigned(je.getCertificates());
         }
         // Close and nullify the JarFile reference to help GC.
         jf.close();
         jf = null;
     }