Summary
-------
Replace implicit default constructors with explicit declare constructors across security libraries.
Problem
-------
Default constructors considered harmful.
Solution
--------
Add the explicit constructors to the affected classes. One class appears to new need a constructor so it is declared as terminally deprecated.
Specification
-------------
--- old/src/java.base/share/classes/java/security/AlgorithmParameterGeneratorSpi.java 2020-07-23 19:54:25.439597194 -0700
+++ new/src/java.base/share/classes/java/security/AlgorithmParameterGeneratorSpi.java 2020-07-23 19:54:25.075597194 -0700
@@ -61,6 +61,11 @@
public abstract class AlgorithmParameterGeneratorSpi {
/**
+ * Constructor for subclasses to call.
+ */
+ public AlgorithmParameterGeneratorSpi() {}
+
+ /**
* Initializes this parameter generator for a certain size
* and source of randomness.
*
--- old/src/java.base/share/classes/java/security/AlgorithmParametersSpi.java 2020-07-23 19:54:26.111597194 -0700
+++ new/src/java.base/share/classes/java/security/AlgorithmParametersSpi.java 2020-07-23 19:54:25.731597194 -0700
@@ -51,6 +51,11 @@
public abstract class AlgorithmParametersSpi {
/**
+ * Constructor for subclasses to call.
+ */
+ public AlgorithmParametersSpi() {}
+
+ /**
* Initializes this parameters object using the parameters
* specified in {@code paramSpec}.
*
--- old/src/java.base/share/classes/java/security/KeyFactorySpi.java 2020-07-23 19:54:26.815597194 -0700
+++ new/src/java.base/share/classes/java/security/KeyFactorySpi.java 2020-07-23 19:54:26.415597194 -0700
@@ -70,6 +70,11 @@
public abstract class KeyFactorySpi {
/**
+ * Constructor for subclasses to call.
+ */
+ public KeyFactorySpi() {}
+
+ /**
* Generates a public key object from the provided key
* specification (key material).
*
--- old/src/java.base/share/classes/java/security/KeyPairGeneratorSpi.java 2020-07-23 19:54:27.503597194 -0700
+++ new/src/java.base/share/classes/java/security/KeyPairGeneratorSpi.java 2020-07-23 19:54:27.147597194 -0700
@@ -59,6 +59,11 @@
public abstract class KeyPairGeneratorSpi {
/**
+ * Constructor for subclasses to call.
+ */
+ public KeyPairGeneratorSpi() {}
+
+ /**
* Initializes the key pair generator for a certain keysize, using
* the default parameter set.
*
--- old/src/java.base/share/classes/java/security/KeyStoreSpi.java 2020-07-23 19:54:28.187597194 -0700
+++ new/src/java.base/share/classes/java/security/KeyStoreSpi.java 2020-07-23 19:54:27.803597194 -0700
@@ -54,6 +54,11 @@
public abstract class KeyStoreSpi {
/**
+ * Constructor for subclasses to call.
+ */
+ public KeyStoreSpi() {}
+
+ /**
* Returns the key associated with the given alias, using the given
* password to recover it. The key must have been associated with
* the alias by a call to {@code setKeyEntry},
--- old/src/java.base/share/classes/java/security/MessageDigestSpi.java 2020-07-23 19:54:28.863597194 -0700
+++ new/src/java.base/share/classes/java/security/MessageDigestSpi.java 2020-07-23 19:54:28.495597194 -0700
@@ -55,6 +55,11 @@
private byte[] tempArray;
/**
+ * Constructor for subclasses to call.
+ */
+ public MessageDigestSpi() {}
+
+ /**
* Returns the digest length in bytes.
*
* <p>This concrete method has been added to this previously-defined
--- old/src/java.base/share/classes/java/security/PermissionCollection.java 2020-07-23 19:54:29.583597194 -0700
+++ new/src/java.base/share/classes/java/security/PermissionCollection.java 2020-07-23 19:54:29.215597194 -0700
@@ -103,6 +103,11 @@
private volatile boolean readOnly;
/**
+ * Constructor for subclasses to call.
+ */
+ public PermissionCollection() {}
+
+ /**
* Adds a permission object to the current collection of permission objects.
*
* @param permission the Permission object to add.
--- old/src/java.base/share/classes/java/security/Policy.java 2020-07-23 19:54:30.319597194 -0700
+++ new/src/java.base/share/classes/java/security/Policy.java 2020-07-23 19:54:29.907597194 -0700
@@ -88,6 +88,11 @@
public abstract class Policy {
/**
+ * Constructor for subclasses to call.
+ */
+ public Policy() {}
+
+ /**
* A read-only empty PermissionCollection instance.
* @since 1.6
*/
--- old/src/java.base/share/classes/java/security/PolicySpi.java 2020-07-23 19:54:31.043597194 -0700
+++ new/src/java.base/share/classes/java/security/PolicySpi.java 2020-07-23 19:54:30.663597194 -0700
@@ -45,6 +45,11 @@
public abstract class PolicySpi {
/**
+ * Constructor for subclasses to call.
+ */
+ public PolicySpi() {}
+
+ /**
* Check whether the policy has granted a Permission to a ProtectionDomain.
*
* @param domain the ProtectionDomain to check.
--- old/src/java.base/share/classes/java/security/SignatureSpi.java 2020-07-23 19:54:31.747597194 -0700
+++ new/src/java.base/share/classes/java/security/SignatureSpi.java 2020-07-23 19:54:31.343597194 -0700
@@ -53,6 +53,11 @@
public abstract class SignatureSpi {
/**
+ * Constructor for subclasses to call.
+ */
+ public SignatureSpi() {}
+
+ /**
* Application-specified source of randomness.
*/
protected SecureRandom appRandom = null;
--- old/src/java.base/share/classes/java/security/cert/CertificateFactorySpi.java 2020-07-23 19:54:32.479597194 -0700
+++ new/src/java.base/share/classes/java/security/cert/CertificateFactorySpi.java 2020-07-23 19:54:32.099597194 -0700
@@ -66,6 +66,11 @@
public abstract class CertificateFactorySpi {
/**
+ * Constructor for subclasses to call.
+ */
+ public CertificateFactorySpi() {}
+
+ /**
* Generates a certificate object and initializes it with
* the data read from the input stream {@code inStream}.
*
--- old/src/java.base/share/classes/java/security/cert/X509CRLEntry.java 2020-07-23 19:54:33.207597194 -0700
+++ new/src/java.base/share/classes/java/security/cert/X509CRLEntry.java 2020-07-23 19:54:32.795597194 -0700
@@ -68,6 +68,11 @@
public abstract class X509CRLEntry implements X509Extension {
/**
+ * Constructor for subclasses to call.
+ */
+ public X509CRLEntry() {}
+
+ /**
* Compares this CRL entry for equality with the given
* object. If the {@code other} object is an
* {@code instanceof} {@code X509CRLEntry}, then
--- old/src/java.base/share/classes/javax/crypto/CipherSpi.java 2020-07-23 19:54:33.963597194 -0700
+++ new/src/java.base/share/classes/javax/crypto/CipherSpi.java 2020-07-23 19:54:33.539597194 -0700
@@ -230,6 +230,11 @@
public abstract class CipherSpi {
/**
+ * Constructor for subclasses to call.
+ */
+ public CipherSpi() {}
+
+ /**
* Sets the mode of this cipher.
*
* @param mode the cipher mode
--- old/src/java.base/share/classes/javax/crypto/ExemptionMechanismSpi.java 2020-07-23 19:54:34.715597194 -0700
+++ new/src/java.base/share/classes/javax/crypto/ExemptionMechanismSpi.java 2020-07-23 19:54:34.327597194 -0700
@@ -46,6 +46,11 @@
public abstract class ExemptionMechanismSpi {
/**
+ * Constructor for subclasses to call.
+ */
+ public ExemptionMechanismSpi() {}
+
+ /**
* Returns the length in bytes that an output buffer would need to be in
* order to hold the result of the next
* {@link #engineGenExemptionBlob(byte[], int) engineGenExemptionBlob}
--- old/src/java.base/share/classes/javax/crypto/KeyAgreementSpi.java 2020-07-23 19:54:35.475597194 -0700
+++ new/src/java.base/share/classes/javax/crypto/KeyAgreementSpi.java 2020-07-23 19:54:35.071597194 -0700
@@ -63,6 +63,11 @@
public abstract class KeyAgreementSpi {
/**
+ * Constructor for subclasses to call.
+ */
+ public KeyAgreementSpi() {}
+
+ /**
* Initializes this key agreement with the given key and source of
* randomness. The given key is required to contain all the algorithm
* parameters required for this key agreement.
--- old/src/java.base/share/classes/javax/crypto/KeyGeneratorSpi.java 2020-07-23 19:54:36.199597194 -0700
+++ new/src/java.base/share/classes/javax/crypto/KeyGeneratorSpi.java 2020-07-23 19:54:35.799597194 -0700
@@ -56,6 +56,11 @@
public abstract class KeyGeneratorSpi {
/**
+ * Constructor for subclasses to call.
+ */
+ public KeyGeneratorSpi() {}
+
+ /**
* Initializes the key generator.
*
* @param random the source of randomness for this generator
--- old/src/java.base/share/classes/javax/crypto/MacSpi.java 2020-07-23 19:54:36.915597194 -0700
+++ new/src/java.base/share/classes/javax/crypto/MacSpi.java 2020-07-23 19:54:36.519597194 -0700
@@ -47,6 +47,11 @@
public abstract class MacSpi {
/**
+ * Constructor for subclasses to call.
+ */
+ public MacSpi() {}
+
+ /**
* Returns the length of the MAC in bytes.
*
* @return the MAC length in bytes.
--- old/src/java.base/share/classes/javax/crypto/SecretKeyFactorySpi.java 2020-07-23 19:54:37.627597194 -0700
+++ new/src/java.base/share/classes/javax/crypto/SecretKeyFactorySpi.java 2020-07-23 19:54:37.247597194 -0700
@@ -54,6 +54,11 @@
public abstract class SecretKeyFactorySpi {
/**
+ * Constructor for subclasses to call.
+ */
+ public SecretKeyFactorySpi() {}
+
+ /**
* Generates a <code>SecretKey</code> object from the
* provided key specification (key material).
*
--- old/src/java.base/share/classes/javax/security/auth/login/ConfigurationSpi.java 2020-07-23 19:54:38.383597194 -0700
+++ new/src/java.base/share/classes/javax/security/auth/login/ConfigurationSpi.java 2020-07-23 19:54:37.987597194 -0700
@@ -44,6 +44,11 @@
public abstract class ConfigurationSpi {
/**
+ * Constructor for subclasses to call.
+ */
+ public ConfigurationSpi() {}
+
+ /**
* Retrieve the AppConfigurationEntries for the specified {@code name}.
*
* @param name the name used to index the Configuration.
--- old/src/java.base/share/classes/javax/security/cert/Certificate.java 2020-07-23 19:54:39.107597194 -0700
+++ new/src/java.base/share/classes/javax/security/cert/Certificate.java 2020-07-23 19:54:38.695597194 -0700
@@ -66,6 +66,11 @@
public abstract class Certificate {
/**
+ * Constructor for subclasses to call.
+ */
+ public Certificate() {}
+
+ /**
* Compares this certificate for equality with the specified
* object. If the {@code other} object is an
* {@code instanceof} {@code Certificate}, then
--- old/src/java.base/share/classes/javax/security/cert/X509Certificate.java 2020-07-23 19:54:39.891597194 -0700
+++ new/src/java.base/share/classes/javax/security/cert/X509Certificate.java 2020-07-23 19:54:39.455597194 -0700
@@ -131,6 +131,11 @@
public abstract class X509Certificate extends Certificate {
/**
+ * Constructor for subclasses to call.
+ */
+ public X509Certificate() {}
+
+ /**
* Constant to lookup in the Security properties file.
* In the Security properties file the default implementation
* for X.509 v3 is given as:
--- old/src/java.security.jgss/share/classes/org/ietf/jgss/GSSManager.java 2020-07-23 19:54:40.639597194 -0700
+++ new/src/java.security.jgss/share/classes/org/ietf/jgss/GSSManager.java 2020-07-23 19:54:40.215597194 -0700
@@ -139,6 +139,11 @@
public abstract class GSSManager {
/**
+ * Constructor for subclasses to call.
+ */
+ public GSSManager() {}
+
+ /**
* Returns the default GSSManager implementation.
*
* @return a GSSManager implementation
--- old/src/jdk.security.auth/share/classes/com/sun/security/auth/module/JndiLoginModule.java 2020-07-23 19:54:41.419597194 -0700
+++ new/src/jdk.security.auth/share/classes/com/sun/security/auth/module/JndiLoginModule.java 2020-07-23 19:54:40.995597194 -0700
@@ -196,6 +196,11 @@
private static final String PWD = "javax.security.auth.login.password";
/**
+ * Creates a {@code JndiLoginModule}.
+ */
+ public JndiLoginModule() {}
+
+ /**
* Initialize this {@code LoginModule}.
*
* @param subject the {@code Subject} to be authenticated.
--- old/src/jdk.security.auth/share/classes/com/sun/security/auth/module/KeyStoreLoginModule.java 2020-07-23 19:54:42.175597194 -0700
+++ new/src/jdk.security.auth/share/classes/com/sun/security/auth/module/KeyStoreLoginModule.java 2020-07-23 19:54:41.759597194 -0700
@@ -162,6 +162,11 @@
private boolean token = false;
private boolean protectedPath = false;
+ /**
+ * Creates a {@code KeyStoreLoginModule}.
+ */
+ public KeyStoreLoginModule() {}
+
/* -- Methods -- */
/**
--- old/src/jdk.security.auth/share/classes/com/sun/security/auth/module/Krb5LoginModule.java 2020-07-23 19:54:42.951597194 -0700
+++ new/src/jdk.security.auth/share/classes/com/sun/security/auth/module/Krb5LoginModule.java 2020-07-23 19:54:42.527597194 -0700
@@ -420,6 +420,11 @@
private static final String PWD = "javax.security.auth.login.password";
/**
+ * Creates a {@code Krb5LoginModule}.
+ */
+ public Krb5LoginModule() {}
+
+ /**
* Initialize this {@code LoginModule}.
*
* @param subject the {@code Subject} to be authenticated.
--- old/src/jdk.security.auth/share/classes/com/sun/security/auth/module/LdapLoginModule.java 2020-07-23 19:54:43.719597194 -0700
+++ new/src/jdk.security.auth/share/classes/com/sun/security/auth/module/LdapLoginModule.java 2020-07-23 19:54:43.319597194 -0700
@@ -356,6 +356,11 @@
private SearchControls constraints = null;
/**
+ * Creates an {@code LdapLoginModule}.
+ */
+ public LdapLoginModule() {}
+
+ /**
* Initialize this {@code LoginModule}.
*
* @param subject the {@code Subject} to be authenticated.
--- old/src/jdk.security.auth/share/classes/com/sun/security/auth/module/NTLoginModule.java 2020-07-23 19:54:44.527597194 -0700
+++ new/src/jdk.security.auth/share/classes/com/sun/security/auth/module/NTLoginModule.java 2020-07-23 19:54:44.079597194 -0700
@@ -84,6 +84,11 @@
private NTNumericCredential iToken; // impersonation token
/**
+ * Creates an {@code NTLoginModule}.
+ */
+ public NTLoginModule() {}
+
+ /**
* Initialize this {@code LoginModule}.
*
* @param subject the {@code Subject} to be authenticated.
--- old/src/jdk.security.auth/share/classes/com/sun/security/auth/module/UnixLoginModule.java 2020-07-23 19:54:45.299597194 -0700
+++ new/src/jdk.security.auth/share/classes/com/sun/security/auth/module/UnixLoginModule.java 2020-07-23 19:54:44.875597194 -0700
@@ -73,6 +73,11 @@
new LinkedList<>();
/**
+ * Creates a {@code UnixLoginModule}.
+ */
+ public UnixLoginModule() {}
+
+ /**
* Initialize this {@code LoginModule}.
*
* @param subject the {@code Subject} to be authenticated.
--- old/src/jdk.security.jgss/share/classes/com/sun/security/jgss/GSSUtil.java 2020-07-23 19:54:46.083597194 -0700
+++ new/src/jdk.security.jgss/share/classes/com/sun/security/jgss/GSSUtil.java 2020-07-23 19:54:45.659597194 -0700
@@ -34,6 +34,11 @@
* implementation of Java GSS-API.
*/
public class GSSUtil {
+ /**
+ * Do not call.
+ */
+ @Deprecated(since="16", forRemoval=true)
+ public GSSUtil() {}
/**
* Use this method to convert a GSSName and GSSCredential into a