7008713: diamond conversion of kerberos5 and security tools
authorsmarks
Wed, 12 Jan 2011 13:52:09 -0800
changeset 7977 f47f211cd627
parent 7976 f273c0d04215
child 7979 0ae19fac0c55
7008713: diamond conversion of kerberos5 and security tools Reviewed-by: weijun
jdk/src/share/classes/sun/security/krb5/Config.java
jdk/src/share/classes/sun/security/krb5/KdcComm.java
jdk/src/share/classes/sun/security/krb5/PrincipalName.java
jdk/src/share/classes/sun/security/krb5/Realm.java
jdk/src/share/classes/sun/security/krb5/internal/Authenticator.java
jdk/src/share/classes/sun/security/krb5/internal/AuthorizationData.java
jdk/src/share/classes/sun/security/krb5/internal/EncAPRepPart.java
jdk/src/share/classes/sun/security/krb5/internal/HostAddresses.java
jdk/src/share/classes/sun/security/krb5/internal/KDCReq.java
jdk/src/share/classes/sun/security/krb5/internal/KDCReqBody.java
jdk/src/share/classes/sun/security/krb5/internal/KRBCred.java
jdk/src/share/classes/sun/security/krb5/internal/KRBError.java
jdk/src/share/classes/sun/security/krb5/internal/KrbCredInfo.java
jdk/src/share/classes/sun/security/krb5/internal/LastReq.java
jdk/src/share/classes/sun/security/krb5/internal/ccache/FileCredentialsCache.java
jdk/src/share/classes/sun/security/krb5/internal/crypto/EType.java
jdk/src/share/classes/sun/security/krb5/internal/ktab/KeyTab.java
jdk/src/share/classes/sun/security/tools/JarSigner.java
jdk/src/share/classes/sun/security/tools/KeyTool.java
jdk/src/share/classes/sun/security/tools/policytool/PolicyTool.java
jdk/test/sun/security/krb5/IPv6.java
jdk/test/sun/security/krb5/auto/CleanState.java
jdk/test/sun/security/krb5/auto/Context.java
jdk/test/sun/security/krb5/auto/HttpNegotiateServer.java
jdk/test/sun/security/krb5/auto/KDC.java
jdk/test/sun/security/krb5/auto/LoginModuleOptions.java
jdk/test/sun/security/krb5/tools/KtabCheck.java
--- a/jdk/src/share/classes/sun/security/krb5/Config.java	Wed Jan 12 14:40:36 2011 +0000
+++ b/jdk/src/share/classes/sun/security/krb5/Config.java	Wed Jan 12 13:52:09 2011 -0800
@@ -528,7 +528,7 @@
                 }
                 })));
                 String Line;
-                Vector<String> v = new Vector<String> ();
+                Vector<String> v = new Vector<>();
                 String previous = null;
                 while ((Line = br.readLine()) != null) {
                     // ignore comments and blank line in the configuration file.
@@ -589,7 +589,7 @@
             throw new KrbException("I/O error while reading" +
                         " configuration file.");
         }
-        Hashtable<String,Object> table = new Hashtable<String,Object> ();
+        Hashtable<String,Object> table = new Hashtable<>();
         for (int i = 0; i < v.size(); i++) {
             String line = v.elementAt(i).trim();
             if (line.equalsIgnoreCase("[realms]")) {
@@ -598,7 +598,7 @@
                     if ((count == v.size()) ||
                         (v.elementAt(count).startsWith("["))) {
                         Hashtable<String,Hashtable<String,Vector<String>>> temp =
-                            new Hashtable<String,Hashtable<String,Vector<String>>>();
+                            new Hashtable<>();
                         temp = parseRealmField(v, i + 1, count);
                         table.put("realms", temp);
                         i = count - 1;
@@ -611,7 +611,7 @@
                     if ((count == v.size()) ||
                         (v.elementAt(count).startsWith("["))) {
                         Hashtable<String,Hashtable<String,Vector<String>>> temp =
-                            new Hashtable<String,Hashtable<String,Vector<String>>>();
+                            new Hashtable<>();
                         temp = parseRealmField(v, i + 1, count);
                         table.put("capaths", temp);
                         i = count - 1;
@@ -729,7 +729,7 @@
      * Parses key-value pairs under a stanza name.
      */
     private Hashtable<String,String>  parseField(Vector<String> v, int start, int end) {
-        Hashtable<String,String> table = new Hashtable<String,String> ();
+        Hashtable<String,String> table = new Hashtable<>();
         String line;
         for (int i = start; i < end; i++) {
             line = v.elementAt(i);
@@ -751,7 +751,7 @@
      * information for the realm given within a pair of braces.
      */
     private Hashtable<String,Hashtable<String,Vector<String>>> parseRealmField(Vector<String> v, int start, int end) {
-        Hashtable<String,Hashtable<String,Vector<String>>> table = new Hashtable<String,Hashtable<String,Vector<String>>> ();
+        Hashtable<String,Hashtable<String,Vector<String>>> table = new Hashtable<>();
         String line;
         for (int i = start; i < end; i++) {
             line = v.elementAt(i).trim();
@@ -791,10 +791,9 @@
      * Parses key-value pairs within each braces under [realms].
      */
     private Hashtable<String,Vector<String>> parseRealmFieldEx(Vector<String> v, int start, int end) {
-        Hashtable<String,Vector<String>> table =
-                new Hashtable<String,Vector<String>> ();
-        Vector<String> keyVector = new Vector<String> ();
-        Vector<String> nameVector = new Vector<String> ();
+        Hashtable<String,Vector<String>> table = new Hashtable<>();
+        Vector<String> keyVector = new Vector<>();
+        Vector<String> nameVector = new Vector<>();
         String line = "";
         String key;
         for (int i = start; i < end; i++) {
@@ -899,7 +898,7 @@
             }
             st = new StringTokenizer(default_enctypes, delim);
             int len = st.countTokens();
-            ArrayList<Integer> ls = new ArrayList<Integer> (len);
+            ArrayList<Integer> ls = new ArrayList<>(len);
             int type;
             for (int i = 0; i < len; i++) {
                 type = getType(st.nextToken());
--- a/jdk/src/share/classes/sun/security/krb5/KdcComm.java	Wed Jan 12 14:40:36 2011 +0000
+++ b/jdk/src/share/classes/sun/security/krb5/KdcComm.java	Wed Jan 12 13:52:09 2011 -0800
@@ -462,7 +462,7 @@
      */
     static class KdcAccessibility {
         // Known bad KDCs
-        private static Set<String> bads = new HashSet<String>();
+        private static Set<String> bads = new HashSet<>();
 
         private static synchronized void addBad(String kdc) {
             if (DEBUG) {
@@ -492,9 +492,9 @@
         // Returns a preferred KDC list by putting the bad ones at the end
         private static synchronized String[] list(String kdcList) {
             StringTokenizer st = new StringTokenizer(kdcList);
-            List<String> list = new ArrayList<String>();
+            List<String> list = new ArrayList<>();
             if (badPolicy == BpType.TRY_LAST) {
-                List<String> badkdcs = new ArrayList<String>();
+                List<String> badkdcs = new ArrayList<>();
                 while (st.hasMoreTokens()) {
                     String t = st.nextToken();
                     if (bads.contains(t)) badkdcs.add(t);
--- a/jdk/src/share/classes/sun/security/krb5/PrincipalName.java	Wed Jan 12 14:40:36 2011 +0000
+++ b/jdk/src/share/classes/sun/security/krb5/PrincipalName.java	Wed Jan 12 13:52:09 2011 -0800
@@ -244,7 +244,7 @@
             if (subDer.getTag() != DerValue.tag_SequenceOf) {
                 throw new Asn1Exception(Krb5.ASN1_BAD_ID);
             }
-            Vector<String> v = new Vector<String> ();
+            Vector<String> v = new Vector<>();
             DerValue subSubDer;
             while(subDer.getData().available() > 0) {
                 subSubDer = subDer.getData().getDerValue();
@@ -299,7 +299,7 @@
     // Code repetition, realm parsed again by class Realm
     protected static String[] parseName(String name) {
 
-        Vector<String> tempStrings = new Vector<String> ();
+        Vector<String> tempStrings = new Vector<>();
         String temp = name;
         int i = 0;
         int componentStart = 0;
--- a/jdk/src/share/classes/sun/security/krb5/Realm.java	Wed Jan 12 14:40:36 2011 +0000
+++ b/jdk/src/share/classes/sun/security/krb5/Realm.java	Wed Jan 12 13:52:09 2011 -0800
@@ -359,12 +359,12 @@
         }
 
         String tempTarget = null, tempRealm = null;
-        Stack<String> iStack = new Stack<String> ();
+        Stack<String> iStack = new Stack<>();
 
         /*
          * I don't expect any more than a handful of intermediaries.
          */
-        Vector<String> tempList = new Vector<String> (8, 8);
+        Vector<String> tempList = new Vector<>(8, 8);
 
         /*
          * The initiator at first location.
--- a/jdk/src/share/classes/sun/security/krb5/internal/Authenticator.java	Wed Jan 12 14:40:36 2011 +0000
+++ b/jdk/src/share/classes/sun/security/krb5/internal/Authenticator.java	Wed Jan 12 13:52:09 2011 -0800
@@ -176,7 +176,7 @@
      * @exception IOException if an I/O error occurs while reading encoded data.
      */
     public byte[] asn1Encode() throws Asn1Exception, IOException {
-        Vector<DerValue> v = new Vector<DerValue>();
+        Vector<DerValue> v = new Vector<>();
         DerOutputStream temp = new DerOutputStream();
         temp.putInteger(BigInteger.valueOf(authenticator_vno));
         v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x00), temp.toByteArray()));
--- a/jdk/src/share/classes/sun/security/krb5/internal/AuthorizationData.java	Wed Jan 12 14:40:36 2011 +0000
+++ b/jdk/src/share/classes/sun/security/krb5/internal/AuthorizationData.java	Wed Jan 12 13:52:09 2011 -0800
@@ -99,8 +99,7 @@
      * @exception IOException if an I/O error occurs while reading encoded data.
      */
     public AuthorizationData(DerValue der) throws Asn1Exception, IOException {
-        Vector<AuthorizationDataEntry> v =
-                new Vector<AuthorizationDataEntry>();
+        Vector<AuthorizationDataEntry> v = new Vector<>();
         if (der.getTag() != DerValue.tag_Sequence) {
             throw new Asn1Exception(Krb5.ASN1_BAD_ID);
         }
--- a/jdk/src/share/classes/sun/security/krb5/internal/EncAPRepPart.java	Wed Jan 12 14:40:36 2011 +0000
+++ b/jdk/src/share/classes/sun/security/krb5/internal/EncAPRepPart.java	Wed Jan 12 13:52:09 2011 -0800
@@ -133,7 +133,7 @@
      * @exception IOException if an I/O error occurs while reading encoded data.
      */
     public byte[] asn1Encode() throws Asn1Exception, IOException {
-        Vector<DerValue> v = new Vector<DerValue>();
+        Vector<DerValue> v = new Vector<>();
         DerOutputStream temp = new DerOutputStream();
         v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT,
                 true, (byte) 0x00), ctime.asn1Encode()));
--- a/jdk/src/share/classes/sun/security/krb5/internal/HostAddresses.java	Wed Jan 12 14:40:36 2011 +0000
+++ b/jdk/src/share/classes/sun/security/krb5/internal/HostAddresses.java	Wed Jan 12 13:52:09 2011 -0800
@@ -179,7 +179,7 @@
     */
     public HostAddresses(DerValue encoding)
         throws  Asn1Exception, IOException {
-        Vector<HostAddress> tempAddresses = new Vector<HostAddress> ();
+        Vector<HostAddress> tempAddresses = new Vector<>();
         DerValue der = null;
         while (encoding.getData().available() > 0) {
             der = encoding.getData().getDerValue();
@@ -265,8 +265,7 @@
         if (addresses == null || addresses.length == 0)
             return null;
 
-        ArrayList<InetAddress> ipAddrs =
-                new ArrayList<InetAddress> (addresses.length);
+        ArrayList<InetAddress> ipAddrs = new ArrayList<>(addresses.length);
 
         for (int i = 0; i < addresses.length; i++) {
             try {
--- a/jdk/src/share/classes/sun/security/krb5/internal/KDCReq.java	Wed Jan 12 14:40:36 2011 +0000
+++ b/jdk/src/share/classes/sun/security/krb5/internal/KDCReq.java	Wed Jan 12 13:52:09 2011 -0800
@@ -150,7 +150,7 @@
             if (subsubDer.getTag() != DerValue.tag_SequenceOf) {
                 throw new Asn1Exception(Krb5.ASN1_BAD_ID);
             }
-            Vector<PAData> v = new Vector<PAData>();
+            Vector<PAData> v = new Vector<>();
             while (subsubDer.getData().available() > 0) {
                 v.addElement(new PAData(subsubDer.getData().getDerValue()));
             }
--- a/jdk/src/share/classes/sun/security/krb5/internal/KDCReqBody.java	Wed Jan 12 14:40:36 2011 +0000
+++ b/jdk/src/share/classes/sun/security/krb5/internal/KDCReqBody.java	Wed Jan 12 13:52:09 2011 -0800
@@ -158,7 +158,7 @@
             throw new Asn1Exception(Krb5.ASN1_BAD_ID);
         }
         der = encoding.getData().getDerValue();
-        Vector<Integer> v = new Vector<Integer> ();
+        Vector<Integer> v = new Vector<>();
         if ((der.getTag() & (byte)0x1F) == (byte)0x08) {
             subDer = der.getData().getDerValue();
 
@@ -183,7 +183,7 @@
             encAuthorizationData = EncryptedData.parse(encoding.getData(), (byte)0x0A, true);
         }
         if (encoding.getData().available() > 0) {
-            Vector<Ticket> tempTickets = new Vector<Ticket> ();
+            Vector<Ticket> tempTickets = new Vector<>();
             der = encoding.getData().getDerValue();
             if ((der.getTag() & (byte)0x1F) == (byte)0x0B) {
                 subDer = der.getData().getDerValue();
@@ -216,7 +216,7 @@
      *
      */
     public byte[] asn1Encode(int msgType) throws Asn1Exception, IOException {
-        Vector<DerValue> v = new Vector<DerValue> ();
+        Vector<DerValue> v = new Vector<>();
         v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), kdcOptions.asn1Encode()));
         if (msgType == Krb5.KRB_AS_REQ) {
             if (cname != null) {
--- a/jdk/src/share/classes/sun/security/krb5/internal/KRBCred.java	Wed Jan 12 14:40:36 2011 +0000
+++ b/jdk/src/share/classes/sun/security/krb5/internal/KRBCred.java	Wed Jan 12 13:52:09 2011 -0800
@@ -134,7 +134,7 @@
             if (subsubDer.getTag() != DerValue.tag_SequenceOf) {
                 throw new Asn1Exception(Krb5.ASN1_BAD_ID);
             }
-            Vector<Ticket> v = new Vector<Ticket>();
+            Vector<Ticket> v = new Vector<>();
             while (subsubDer.getData().available() > 0) {
                 v.addElement(new Ticket(subsubDer.getData().getDerValue()));
             }
--- a/jdk/src/share/classes/sun/security/krb5/internal/KRBError.java	Wed Jan 12 14:40:36 2011 +0000
+++ b/jdk/src/share/classes/sun/security/krb5/internal/KRBError.java	Wed Jan 12 13:52:09 2011 -0800
@@ -260,7 +260,7 @@
     private void parsePAData(byte[] data)
             throws IOException, Asn1Exception {
         DerValue derPA = new DerValue(data);
-        List<PAData> paList = new ArrayList<PAData>();
+        List<PAData> paList = new ArrayList<>();
         while (derPA.data.available() > 0) {
             // read the PA-DATA
             DerValue tmp = derPA.data.getDerValue();
--- a/jdk/src/share/classes/sun/security/krb5/internal/KrbCredInfo.java	Wed Jan 12 14:40:36 2011 +0000
+++ b/jdk/src/share/classes/sun/security/krb5/internal/KrbCredInfo.java	Wed Jan 12 13:52:09 2011 -0800
@@ -157,7 +157,7 @@
      * @exception IOException if an I/O error occurs while reading encoded data.
      */
     public byte[] asn1Encode() throws Asn1Exception, IOException {
-        Vector<DerValue> v = new Vector<DerValue> ();
+        Vector<DerValue> v = new Vector<>();
         v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x00), key.asn1Encode()));
         if (prealm != null)
             v.addElement(new DerValue(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte)0x01), prealm.asn1Encode()));
--- a/jdk/src/share/classes/sun/security/krb5/internal/LastReq.java	Wed Jan 12 14:40:36 2011 +0000
+++ b/jdk/src/share/classes/sun/security/krb5/internal/LastReq.java	Wed Jan 12 13:52:09 2011 -0800
@@ -77,7 +77,7 @@
      */
 
     public LastReq(DerValue encoding) throws Asn1Exception, IOException {
-        Vector<LastReqEntry> v= new Vector<LastReqEntry> ();
+        Vector<LastReqEntry> v= new Vector<>();
         if (encoding.getTag() != DerValue.tag_Sequence) {
             throw new Asn1Exception(Krb5.ASN1_BAD_ID);
         }
--- a/jdk/src/share/classes/sun/security/krb5/internal/ccache/FileCredentialsCache.java	Wed Jan 12 14:40:36 2011 +0000
+++ b/jdk/src/share/classes/sun/security/krb5/internal/ccache/FileCredentialsCache.java	Wed Jan 12 13:52:09 2011 -0800
@@ -490,7 +490,7 @@
 
     private static String exec(String c) {
         StringTokenizer st = new StringTokenizer(c);
-        Vector<String> v = new Vector<String> ();
+        Vector<String> v = new Vector<>();
         while (st.hasMoreTokens()) {
             v.addElement(st.nextToken());
         }
--- a/jdk/src/share/classes/sun/security/krb5/internal/crypto/EType.java	Wed Jan 12 14:40:36 2011 +0000
+++ b/jdk/src/share/classes/sun/security/krb5/internal/crypto/EType.java	Wed Jan 12 13:52:09 2011 -0800
@@ -257,7 +257,7 @@
                 + configName);
         }
 
-        List<Integer> list = new ArrayList<Integer> (answer.length);
+        List<Integer> list = new ArrayList<>(answer.length);
         for (int i = 0; i < answer.length; i++) {
             if (EncryptionKey.findKey(answer[i], keys) != null) {
                 list.add(answer[i]);
--- a/jdk/src/share/classes/sun/security/krb5/internal/ktab/KeyTab.java	Wed Jan 12 14:40:36 2011 +0000
+++ b/jdk/src/share/classes/sun/security/krb5/internal/ktab/KeyTab.java	Wed Jan 12 13:52:09 2011 -0800
@@ -57,7 +57,7 @@
     private static KeyTab singleton = null;
     private static final boolean DEBUG = Krb5.DEBUG;
     private static String name;
-    private Vector<KeyTabEntry> entries = new Vector<KeyTabEntry> ();
+    private Vector<KeyTabEntry> entries = new Vector<>();
 
     private KeyTab(String filename) throws IOException, RealmException {
         init(filename);
@@ -240,7 +240,7 @@
         KeyTabEntry entry;
         EncryptionKey key;
         int size = entries.size();
-        ArrayList<EncryptionKey> keys = new ArrayList<EncryptionKey> (size);
+        ArrayList<EncryptionKey> keys = new ArrayList<>(size);
 
         for (int i = size-1; i >= 0; i--) {
             entry = entries.elementAt(i);
--- a/jdk/src/share/classes/sun/security/tools/JarSigner.java	Wed Jan 12 14:40:36 2011 +0000
+++ b/jdk/src/share/classes/sun/security/tools/JarSigner.java	Wed Jan 12 13:52:09 2011 -0800
@@ -123,19 +123,19 @@
                                     // or the default keystore, never null
 
     String keystore; // key store file
-    List<String> crlfiles = new ArrayList<String>();  // CRL files to add
+    List<String> crlfiles = new ArrayList<>();  // CRL files to add
     boolean nullStream = false; // null keystore input stream (NONE)
     boolean token = false; // token-based keystore
     String jarfile;  // jar files to sign or verify
     String alias;    // alias to sign jar with
-    List<String> ckaliases = new ArrayList<String>(); // aliases in -verify
+    List<String> ckaliases = new ArrayList<>(); // aliases in -verify
     char[] storepass; // keystore password
     boolean protectedPath; // protected authentication path
     String storetype; // keystore type
     String providerName; // provider name
     Vector<String> providers = null; // list of providers
     // arguments for provider constructors
-    HashMap<String,String> providerArgs = new HashMap<String, String>();
+    HashMap<String,String> providerArgs = new HashMap<>();
     char[] keypass; // private key password
     String sigfile; // name of .SF file
     String sigalg; // name of signature algorithm
@@ -236,7 +236,7 @@
                 if (crlfiles.size() > 0 || autoCRL) {
                     CertificateFactory fac =
                             CertificateFactory.getInstance("X509");
-                    List<CRL> list = new ArrayList<CRL>();
+                    List<CRL> list = new ArrayList<>();
                     for (String file: crlfiles) {
                         Collection<? extends CRL> tmp = KeyTool.loadCRLs(file);
                         for (CRL crl: tmp) {
@@ -606,7 +606,7 @@
 
         try {
             jf = new JarFile(jarName, true);
-            Vector<JarEntry> entriesVec = new Vector<JarEntry>();
+            Vector<JarEntry> entriesVec = new Vector<>();
             byte[] buffer = new byte[8192];
 
             Enumeration<JarEntry> entries = jf.entries();
@@ -633,8 +633,7 @@
             // The map to record display info, only used when -verbose provided
             //      key: signer info string
             //      value: the list of files with common key
-            Map<String,List<String>> output =
-                    new LinkedHashMap<String,List<String>>();
+            Map<String,List<String>> output = new LinkedHashMap<>();
 
             if (man != null) {
                 if (verbose != null) System.out.println();
@@ -1000,8 +999,7 @@
             .append(signTimeForm.format(source)).append("]").toString();
     }
 
-    private Map<CodeSigner,Integer> cacheForInKS =
-            new IdentityHashMap<CodeSigner,Integer>();
+    private Map<CodeSigner,Integer> cacheForInKS = new IdentityHashMap<>();
 
     private int inKeyStoreForOneSigner(CodeSigner signer) {
         if (cacheForInKS.containsKey(signer)) {
@@ -1044,8 +1042,7 @@
         return result;
     }
 
-    Hashtable<Certificate, String> storeHash =
-                                new Hashtable<Certificate, String>();
+    Hashtable<Certificate, String> storeHash = new Hashtable<>();
 
     int inKeyStore(CodeSigner[] signers) {
 
@@ -1175,7 +1172,7 @@
              *   generated one. (This may invalidate existing signatures!)
              */
             BASE64Encoder encoder = new JarBASE64Encoder();
-            Vector<ZipEntry> mfFiles = new Vector<ZipEntry>();
+            Vector<ZipEntry> mfFiles = new Vector<>();
 
             boolean wasSigned = false;
 
@@ -1531,7 +1528,7 @@
         return false;
     }
 
-    Map<CodeSigner,String> cacheForSignerInfo = new IdentityHashMap<CodeSigner,String>();
+    Map<CodeSigner,String> cacheForSignerInfo = new IdentityHashMap<>();
 
     /**
      * Returns a string of singer info, with a newline at the end
@@ -1655,7 +1652,7 @@
                     }
                 }
             }
-            Set<TrustAnchor> tas = new HashSet<TrustAnchor>();
+            Set<TrustAnchor> tas = new HashSet<>();
             try {
                 KeyStore caks = KeyTool.getCacertsKeyStore();
                 if (caks != null) {
--- a/jdk/src/share/classes/sun/security/tools/KeyTool.java	Wed Jan 12 14:40:36 2011 +0000
+++ b/jdk/src/share/classes/sun/security/tools/KeyTool.java	Wed Jan 12 13:52:09 2011 -0800
@@ -153,11 +153,11 @@
     private KeyStore caks = null; // "cacerts" keystore
     private char[] srcstorePass = null;
     private String srcstoretype = null;
-    private Set<char[]> passwords = new HashSet<char[]> ();
+    private Set<char[]> passwords = new HashSet<>();
     private String startDate = null;
 
-    private List <String> ids = new ArrayList <String> ();   // used in GENCRL
-    private List <String> v3ext = new ArrayList <String> ();
+    private List<String> ids = new ArrayList<>();   // used in GENCRL
+    private List<String> v3ext = new ArrayList<>();
 
     enum Command {
         CERTREQ("Generates.a.certificate.request",
@@ -2091,7 +2091,7 @@
      */
     public static List<CRL> readCRLsFromCert(X509Certificate cert)
             throws Exception {
-        List<CRL> crls = new ArrayList<CRL>();
+        List<CRL> crls = new ArrayList<>();
         CRLDistributionPointsExtension ext =
                 X509CertImpl.toImpl(cert).getCRLDistributionPointsExtension();
         if (ext == null) return crls;
@@ -2258,7 +2258,7 @@
         if (jarfile != null) {
             JarFile jf = new JarFile(jarfile, true);
             Enumeration<JarEntry> entries = jf.entries();
-            Set<CodeSigner> ss = new HashSet<CodeSigner>();
+            Set<CodeSigner> ss = new HashSet<>();
             byte[] buffer = new byte[8192];
             int pos = 0;
             while (entries.hasMoreElements()) {
@@ -3347,7 +3347,7 @@
         }
 
         // start building chain
-        Vector<Certificate> chain = new Vector<Certificate>(2);
+        Vector<Certificate> chain = new Vector<>(2);
         if (buildChain((X509Certificate)certToVerify, chain, certs)) {
             Certificate[] newChain = new Certificate[chain.size()];
             // buildChain() returns chain with self-signed root-cert first and
@@ -3873,8 +3873,7 @@
                         break;
                     case 2:     // EKU
                         if(value != null) {
-                            Vector <ObjectIdentifier> v =
-                                    new Vector <ObjectIdentifier>();
+                            Vector<ObjectIdentifier> v = new Vector<>();
                             for (String s: value.split(",")) {
                                 int p = oneOf(s,
                                         "anyExtendedKeyUsage",
@@ -3944,7 +3943,7 @@
                         }
                         if(value != null) {
                             List<AccessDescription> accessDescriptions =
-                                    new ArrayList<AccessDescription>();
+                                    new ArrayList<>();
                             String[] ps = value.split(",");
                             for(String item: ps) {
                                 colonpos = item.indexOf(':');
@@ -4228,7 +4227,7 @@
     }
 
     public static <A,B> Pair<A,B> of(A a, B b) {
-        return new Pair<A,B>(a,b);
+        return new Pair<>(a,b);
     }
 }
 
--- a/jdk/src/share/classes/sun/security/tools/policytool/PolicyTool.java	Wed Jan 12 14:40:36 2011 +0000
+++ b/jdk/src/share/classes/sun/security/tools/policytool/PolicyTool.java	Wed Jan 12 13:52:09 2011 -0800
@@ -643,7 +643,7 @@
         Class<?> pc = Class.forName(type, true,
                 Thread.currentThread().getContextClassLoader());
         Constructor<?> c = null;
-        Vector<String> objects = new Vector<String>(2);
+        Vector<String> objects = new Vector<>(2);
         if (name != null) objects.add(name);
         if (actions != null) objects.add(actions);
         switch (objects.size()) {
@@ -1722,8 +1722,7 @@
                         new PolicyParser.GrantEntry(signedby, codebase);
 
         // get the new Principals
-        LinkedList<PolicyParser.PrincipalEntry> prins =
-                                new LinkedList<PolicyParser.PrincipalEntry>();
+        LinkedList<PolicyParser.PrincipalEntry> prins = new LinkedList<>();
         TaggedList prinList = (TaggedList)getComponent(PE_PRIN_LIST);
         for (int i = 0; i < prinList.getItemCount(); i++) {
             prins.add((PolicyParser.PrincipalEntry)prinList.getObject(i));
@@ -1731,8 +1730,7 @@
         ge.principals = prins;
 
         // get the new Permissions
-        Vector<PolicyParser.PermissionEntry> perms =
-                        new Vector<PolicyParser.PermissionEntry>();
+        Vector<PolicyParser.PermissionEntry> perms = new Vector<>();
         TaggedList permList = (TaggedList)getComponent(PE_PERM_LIST);
         for (int i = 0; i < permList.getItemCount(); i++) {
             perms.addElement((PolicyParser.PermissionEntry)permList.getObject(i));
@@ -3649,7 +3647,7 @@
  * This is a java.awt.List that bind an Object to each String it holds.
  */
 class TaggedList extends List {
-    private java.util.List<Object> data = new LinkedList<Object>();
+    private java.util.List<Object> data = new LinkedList<>();
     public TaggedList(int i, boolean b) {
         super(i, b);
     }
--- a/jdk/test/sun/security/krb5/IPv6.java	Wed Jan 12 14:40:36 2011 +0000
+++ b/jdk/test/sun/security/krb5/IPv6.java	Wed Jan 12 13:52:09 2011 -0800
@@ -78,8 +78,8 @@
         try {
             Subject subject = new Subject();
             Krb5LoginModule krb5 = new Krb5LoginModule();
-            Map<String, String> map = new HashMap<String, String>();
-            Map<String, Object> shared = new HashMap<String, Object>();
+            Map<String, String> map = new HashMap<>();
+            Map<String, Object> shared = new HashMap<>();
 
             map.put("debug", "true");
             map.put("doNotPrompt", "true");
--- a/jdk/test/sun/security/krb5/auto/CleanState.java	Wed Jan 12 14:40:36 2011 +0000
+++ b/jdk/test/sun/security/krb5/auto/CleanState.java	Wed Jan 12 13:52:09 2011 -0800
@@ -49,11 +49,11 @@
         final char[] password = OneKDC.PASS;
         char[] badpassword = "hellokitty".toCharArray();
 
-        Map<String,String> map = new HashMap<String,String>();
+        Map<String,String> map = new HashMap<>();
         map.put("useTicketCache", "false");
         map.put("doNotPrompt", "false");
         map.put("tryFirstPass", "true");
-        Map<String,Object> shared = new HashMap<String,Object>();
+        Map<String,Object> shared = new HashMap<>();
         shared.put("javax.security.auth.login.name", name);
         shared.put("javax.security.auth.login.password", badpassword);
 
--- a/jdk/test/sun/security/krb5/auto/Context.java	Wed Jan 12 14:40:36 2011 +0000
+++ b/jdk/test/sun/security/krb5/auto/Context.java	Wed Jan 12 13:52:09 2011 -0800
@@ -117,8 +117,8 @@
         out.name = user;
         out.s = new Subject();
         Krb5LoginModule krb5 = new Krb5LoginModule();
-        Map<String, String> map = new HashMap<String, String>();
-        Map<String, Object> shared = new HashMap<String, Object>();
+        Map<String, String> map = new HashMap<>();
+        Map<String, Object> shared = new HashMap<>();
 
         if (pass != null) {
             map.put("useFirstPass", "true");
@@ -151,7 +151,7 @@
         out.name = user;
         out.s = new Subject();
         Krb5LoginModule krb5 = new Krb5LoginModule();
-        Map<String, String> map = new HashMap<String, String>();
+        Map<String, String> map = new HashMap<>();
 
         map.put("doNotPrompt", "true");
         map.put("useTicketCache", "false");
--- a/jdk/test/sun/security/krb5/auto/HttpNegotiateServer.java	Wed Jan 12 14:40:36 2011 +0000
+++ b/jdk/test/sun/security/krb5/auto/HttpNegotiateServer.java	Wed Jan 12 13:52:09 2011 -0800
@@ -297,8 +297,8 @@
             }
 
             Krb5LoginModule krb5 = new Krb5LoginModule();
-            Map<String, String> map = new HashMap<String, String>();
-            Map<String, Object> shared = new HashMap<String, Object>();
+            Map<String, String> map = new HashMap<>();
+            Map<String, Object> shared = new HashMap<>();
 
             map.put("storeKey", "true");
             map.put("isInitiator", "false");
--- a/jdk/test/sun/security/krb5/auto/KDC.java	Wed Jan 12 14:40:36 2011 +0000
+++ b/jdk/test/sun/security/krb5/auto/KDC.java	Wed Jan 12 13:52:09 2011 -0800
@@ -132,7 +132,7 @@
     // Principal db. principal -> pass. A case-insensitive TreeMap is used
     // so that even if the client provides a name with different case, the KDC
     // can still locate the principal and give back correct salt.
-    private TreeMap<String,char[]> passwords = new TreeMap<String,char[]>
+    private TreeMap<String,char[]> passwords = new TreeMap<>
             (String.CASE_INSENSITIVE_ORDER);
 
     // Realm name
@@ -142,9 +142,9 @@
     // Service port number
     private int port;
     // The request/response job queue
-    private BlockingQueue<Job> q = new ArrayBlockingQueue<Job>(100);
+    private BlockingQueue<Job> q = new ArrayBlockingQueue<>(100);
     // Options
-    private Map<Option,Object> options = new HashMap<Option,Object>();
+    private Map<Option,Object> options = new HashMap<>();
 
     private Thread thread1, thread2, thread3;
     DatagramSocket u1 = null;
@@ -537,7 +537,7 @@
         }
     }
 
-    private Map<String,String> policies = new HashMap<String,String>();
+    private Map<String,String> policies = new HashMap<>();
 
     public void setPolicy(String rule, String value) {
         if (value == null) {
@@ -760,7 +760,7 @@
     private byte[] processAsReq(byte[] in) throws Exception {
         ASReq asReq = new ASReq(in);
         int[] eTypes = null;
-        List<PAData> outPAs = new ArrayList<PAData>();
+        List<PAData> outPAs = new ArrayList<>();
 
         try {
             System.out.println(realm + "> " + asReq.reqBody.cname +
--- a/jdk/test/sun/security/krb5/auto/LoginModuleOptions.java	Wed Jan 12 14:40:36 2011 +0000
+++ b/jdk/test/sun/security/krb5/auto/LoginModuleOptions.java	Wed Jan 12 13:52:09 2011 -0800
@@ -135,8 +135,8 @@
             throws Exception {
         Krb5LoginModule krb5 = new Krb5LoginModule();
         Subject subject = new Subject();
-        Map<String, String> map = new HashMap<String, String>();
-        Map<String, Object> shared = new HashMap<String, Object>();
+        Map<String, String> map = new HashMap<>();
+        Map<String, Object> shared = new HashMap<>();
 
         int count = options.length / 2;
         for (int i = 0; i < count; i++) {
--- a/jdk/test/sun/security/krb5/tools/KtabCheck.java	Wed Jan 12 14:40:36 2011 +0000
+++ b/jdk/test/sun/security/krb5/tools/KtabCheck.java	Wed Jan 12 13:52:09 2011 -0800
@@ -39,7 +39,7 @@
     public static void main(String[] args) throws Exception {
         System.out.println("Checking " + Arrays.toString(args));
         KeyTab ktab = KeyTab.getInstance(args[0]);
-        Set<String> expected = new HashSet<String>();
+        Set<String> expected = new HashSet<>();
         for (int i=1; i<args.length; i += 2) {
             expected.add(args[i]+":"+args[i+1]);
         }