TKSS-812: Cleanup TLCP codes

kona-ssl/src/main/java/com/tencent/kona/sun/security/ssl/TLCPAuthentication.java

@@ -82,7 +82,7 @@ public Map.Entry<Byte, HandshakeProducer>[] getHandshakeProducers(
             });
         }   // Otherwise, SSL/TLS does not use this method.
 
-        return new Map.Entry[0];
+        return (Map.Entry<Byte, HandshakeProducer>[])(new Map.Entry[0]);
     }
 
     static final class TLCPPossession implements SSLPossession {

kona-ssl/src/main/java/com/tencent/kona/sun/security/ssl/TLCPCertificate.java

@@ -37,6 +37,7 @@
 import java.nio.ByteBuffer;
 import java.security.PublicKey;
 import java.security.cert.CertPathValidatorException;
+import java.security.cert.CertPathValidatorException.BasicReason;
 import java.security.cert.CertificateEncodingException;
 import java.security.cert.CertificateException;
 import java.security.cert.CertificateFactory;
@@ -823,16 +824,16 @@ private static Alert getCertificateAlert(
                             Alert.BAD_CERT_STATUS_RESPONSE :
                             Alert.CERTIFICATE_REVOKED;
                 } else if (
-                        reason == CertPathValidatorException.BasicReason.UNDETERMINED_REVOCATION_STATUS) {
+                        reason == BasicReason.UNDETERMINED_REVOCATION_STATUS) {
                     alert = chc.staplingActive ?
                             Alert.BAD_CERT_STATUS_RESPONSE :
                             Alert.CERTIFICATE_UNKNOWN;
-                } else if (reason == CertPathValidatorException.BasicReason.ALGORITHM_CONSTRAINED) {
+                } else if (reason == BasicReason.ALGORITHM_CONSTRAINED) {
                     alert = Alert.UNSUPPORTED_CERTIFICATE;
-                } else if (reason == CertPathValidatorException.BasicReason.EXPIRED) {
+                } else if (reason == BasicReason.EXPIRED) {
                     alert = Alert.CERTIFICATE_EXPIRED;
-                } else if (reason == CertPathValidatorException.BasicReason.INVALID_SIGNATURE ||
-                        reason == CertPathValidatorException.BasicReason.NOT_YET_VALID) {
+                } else if (reason == BasicReason.INVALID_SIGNATURE ||
+                        reason == BasicReason.NOT_YET_VALID) {
                     alert = Alert.BAD_CERTIFICATE;
                 }
             }

kona-ssl/src/main/java/com/tencent/kona/sun/security/ssl/TLCPKeyAgreement.java

@@ -83,32 +83,36 @@ public Map.Entry<Byte, HandshakeProducer>[] getHandshakeProducers(
         if (handshakeContext.sslConfig.isClientMode) {
             switch (this) {
                 case SM2:
-                    return new Map.Entry[] {
-                        new SimpleImmutableEntry<>(
-                            SSLHandshake.CLIENT_KEY_EXCHANGE.id,
-                            SM2ClientKeyExchange.sm2HandshakeProducer)};
+                    return (Map.Entry<Byte,
+                            HandshakeProducer>[]) new Map.Entry[] {
+                            new SimpleImmutableEntry<>(
+                                    SSLHandshake.CLIENT_KEY_EXCHANGE.id,
+                                    SM2ClientKeyExchange.sm2HandshakeProducer)};
                 case SM2E:
-                    return new Map.Entry[] {
-                        new SimpleImmutableEntry<>(
-                            SSLHandshake.CLIENT_KEY_EXCHANGE.id,
-                            SM2EClientKeyExchange.sm2eHandshakeProducer)};
+                    return (Map.Entry<Byte,
+                            HandshakeProducer>[]) new Map.Entry[] {
+                            new SimpleImmutableEntry<>(
+                                    SSLHandshake.CLIENT_KEY_EXCHANGE.id,
+                                    SM2EClientKeyExchange.sm2eHandshakeProducer)};
             }
         } else {
             switch (this) {
                 case SM2:
-                    return new Map.Entry[] {
-                        new SimpleImmutableEntry<>(
-                            SSLHandshake.SERVER_KEY_EXCHANGE.id,
-                            SM2ServerKeyExchange.sm2HandshakeProducer)};
+                    return (Map.Entry<Byte,
+                            HandshakeProducer>[]) new Map.Entry[] {
+                            new SimpleImmutableEntry<>(
+                                    SSLHandshake.SERVER_KEY_EXCHANGE.id,
+                                    SM2ServerKeyExchange.sm2HandshakeProducer)};
                 case SM2E:
-                    return new Map.Entry[] {
-                        new SimpleImmutableEntry<>(
-                            SSLHandshake.SERVER_KEY_EXCHANGE.id,
-                            SM2EServerKeyExchange.sm2eHandshakeProducer)};
+                    return (Map.Entry<Byte,
+                            HandshakeProducer>[]) new Map.Entry[] {
+                            new SimpleImmutableEntry<>(
+                                    SSLHandshake.SERVER_KEY_EXCHANGE.id,
+                                    SM2EServerKeyExchange.sm2eHandshakeProducer)};
             }
         }
 
-        return new Map.Entry[0];
+        return (Map.Entry<Byte, HandshakeProducer>[]) (new Map.Entry[0]);
     }
 
     @Override
@@ -122,31 +126,35 @@ public Map.Entry<Byte, SSLConsumer>[] getHandshakeConsumers(
         if (handshakeContext.sslConfig.isClientMode) {
             switch (this) {
                 case SM2:
-                    return new Map.Entry[] {
-                        new SimpleImmutableEntry<>(
-                            SSLHandshake.SERVER_KEY_EXCHANGE.id,
-                            SM2ServerKeyExchange.sm2HandshakeConsumer)};
+                    return (Map.Entry<Byte,
+                            SSLConsumer>[]) new Map.Entry[] {
+                            new SimpleImmutableEntry<>(
+                                    SSLHandshake.SERVER_KEY_EXCHANGE.id,
+                                    SM2ServerKeyExchange.sm2HandshakeConsumer)};
                 case SM2E:
-                    return new Map.Entry[] {
-                        new SimpleImmutableEntry<>(
-                            SSLHandshake.SERVER_KEY_EXCHANGE.id,
-                            SM2EServerKeyExchange.sm2eHandshakeConsumer)};
+                    return (Map.Entry<Byte,
+                            SSLConsumer>[]) new Map.Entry[] {
+                            new SimpleImmutableEntry<>(
+                                    SSLHandshake.SERVER_KEY_EXCHANGE.id,
+                                    SM2EServerKeyExchange.sm2eHandshakeConsumer)};
             }
         } else {
             switch (this) {
                 case SM2:
-                    return new Map.Entry[] {
-                        new SimpleImmutableEntry<>(
-                            SSLHandshake.CLIENT_KEY_EXCHANGE.id,
-                            SM2ClientKeyExchange.sm2HandshakeConsumer)};
+                    return (Map.Entry<Byte,
+                            SSLConsumer>[]) new Map.Entry[] {
+                            new SimpleImmutableEntry<>(
+                                    SSLHandshake.CLIENT_KEY_EXCHANGE.id,
+                                    SM2ClientKeyExchange.sm2HandshakeConsumer)};
                 case SM2E:
-                    return new Map.Entry[] {
-                        new SimpleImmutableEntry<>(
-                            SSLHandshake.CLIENT_KEY_EXCHANGE.id,
-                            SM2EClientKeyExchange.sm2eHandshakeConsumer)};
+                    return (Map.Entry<Byte,
+                            SSLConsumer>[]) new Map.Entry[] {
+                            new SimpleImmutableEntry<>(
+                                    SSLHandshake.CLIENT_KEY_EXCHANGE.id,
+                                    SM2EClientKeyExchange.sm2eHandshakeConsumer)};
             }
         }
 
-        return new Map.Entry[0];
+        return (Map.Entry<Byte, SSLConsumer>[])(new Map.Entry[0]);
     }
 }