Complete deprecation annotations already started

org/mozilla/jss/CryptoManager.java

@@ -1085,6 +1085,7 @@ private native int verifyCertificateNowCUNative(String nickname,
      *      with the given nickname.
      * @deprecated Use verifyCertificate() instead
      */
+    @Deprecated
     public boolean isCertValid(String nickname, boolean checkSig,
             CertificateUsage certificateUsage)
         throws ObjectNotFoundException, InvalidNicknameException

org/mozilla/jss/crypto/Algorithm.java

@@ -84,6 +84,7 @@ public OBJECT_IDENTIFIER toOID() throws NoSuchAlgorithmException {
      * @return Parameter type.
      * @deprecated Call <tt>getParameterClasses()</tt> instead.
      */
+    @Deprecated
     public Class<?> getParameterClass() {
         if( parameterClasses.length == 0) {
             return null;

org/mozilla/jss/crypto/BadPaddingException.java

@@ -6,6 +6,7 @@
 /**
  * @deprecated Use javax.crypto.BadPaddingException.
  */
+@Deprecated
 public class BadPaddingException extends javax.crypto.BadPaddingException {
     private static final long serialVersionUID = 1L;
     public BadPaddingException() {

org/mozilla/jss/crypto/EncryptionAlgorithm.java

@@ -226,6 +226,7 @@ public static EncryptionAlgorithm fromOID(OBJECT_IDENTIFIER oid)
      *  don't contain key length, which is necessary to distinguish between
      *  AES algorithms.
      */
+    @Deprecated
     public static EncryptionAlgorithm fromString(String name)
         throws NoSuchAlgorithmException
     {
@@ -274,7 +275,6 @@ public int getBlockSize() {
 
     /**
      * @return <code>true</code> if this algorithm performs padding.
-     * @deprecated Call <tt>getPaddingType()</tt> instead.
      */
     public boolean isPadded() {
         return ! Padding.NONE.equals(padding);

org/mozilla/jss/crypto/PBEKeyGenParams.java

@@ -124,6 +124,10 @@ public void clear() {
         pass.clear();
     }
 
+    /**
+     * @deprecated finalize() in Object has been deprecated
+     */
+    @Deprecated
     protected void finalize() throws Throwable {
         pass.clear();
     }

org/mozilla/jss/crypto/PrivateKey.java

@@ -32,10 +32,6 @@ public interface PrivateKey extends java.security.PrivateKey
      * certificates to keys.
      *
      * @see org.mozilla.jss.crypto.TokenCertificate#getUniqueID
-     * @deprecated This ID is based on an implementation that might change.
-     *      If this functionality is required, it should be provided in
-     *      another way, such as a function that directly matches a cert and
-     *      key.
      */
     public byte[] getUniqueID() throws TokenException;
 

org/mozilla/jss/crypto/TokenCertificate.java

@@ -17,10 +17,6 @@ public interface TokenCertificate extends X509Certificate {
      * certificates to keys.
      *
      * @see org.mozilla.jss.crypto.PrivateKey#getUniqueID
-     * @deprecated This ID is based on an implementation that might change.
-     *      If this functionality is required, it should be provided in
-     *      another way, such as a function that directly matches a cert and
-     *      key.
      */
     public abstract byte[] getUniqueID();
 

org/mozilla/jss/netscape/security/acl/AclEntryImpl.java

@@ -138,7 +138,9 @@ public Enumeration<Permission> permissions() {
 
     /**
      * Return a string representation of the contents of the ACL entry.
+     * @deprecated Group and Permission in java.security.acl have been deprecated and marked for removal
      */
+    @Deprecated
     public String toString() {
         StringBuffer s = new StringBuffer();
         if (negative)
@@ -152,7 +154,7 @@ public String toString() {
         s.append(user + "=");
         Enumeration<Permission> e = permissions();
         while (e.hasMoreElements()) {
-            Permission p = e.nextElement();
+            @Deprecated Permission p = e.nextElement();
             s.append(p);
             if (e.hasMoreElements())
                 s.append(",");

org/mozilla/jss/netscape/security/acl/AclImpl.java

@@ -32,7 +32,9 @@
  * An Access Control List (ACL) is encapsulated by this class.
  *
  * @author Satish Dharmaraj
+ * @deprecated Owner in java.security.acl has been deprecated and marked for removal
  */
+@Deprecated
 public class AclImpl extends OwnerImpl implements Acl {
     //
     // Maintain four tables. one each for positive and negative
@@ -165,7 +167,9 @@ public synchronized boolean removeEntry(Principal caller, AclEntry entry)
      *
      * @param user the principal for which the ACL entry is returned.
      * @return The resulting permission set that the principal is allowed.
+     * @deprecated Permission in java.security.acl has been deprecated and marked for removal
      */
+    @Deprecated
     public synchronized Enumeration<Permission> getPermissions(Principal user) {
 
         Enumeration<Permission> individualPositive;
@@ -313,6 +317,10 @@ private <T> Enumeration<T> subtract(Enumeration<T> e1, Enumeration<T> e2) {
         return v.elements();
     }
 
+    /**
+     * @deprecated Permission in java.security.acl has been deprecated and marked for removal
+     */
+    @Deprecated
     private Enumeration<Permission> getGroupPositive(Principal user) {
         Enumeration<Permission> groupPositive = zeroSet.elements();
         Enumeration<Principal> e = allowedGroupsTable.keys();
@@ -326,6 +334,10 @@ private Enumeration<Permission> getGroupPositive(Principal user) {
         return groupPositive;
     }
 
+    /**
+     * @deprecated Permission in java.security.acl has been deprecated and marked for removal
+     */
+    @Deprecated
     private Enumeration<Permission> getGroupNegative(Principal user) {
         Enumeration<Permission> groupNegative = zeroSet.elements();
         Enumeration<Principal> e = deniedGroupsTable.keys();
@@ -339,6 +351,10 @@ private Enumeration<Permission> getGroupNegative(Principal user) {
         return groupNegative;
     }
 
+    /**
+     * @deprecated Permission in java.security.acl has been deprecated and marked for removal
+     */
+    @Deprecated
     private Enumeration<Permission> getIndividualPositive(Principal user) {
         Enumeration<Permission> individualPositive = zeroSet.elements();
         AclEntry ae = allowedUsersTable.get(user);
@@ -347,6 +363,10 @@ private Enumeration<Permission> getIndividualPositive(Principal user) {
         return individualPositive;
     }
 
+    /**
+     * @deprecated Permission in java.security.acl has been deprecated and marked for removal
+     */
+    @Deprecated
     private Enumeration<Permission> getIndividualNegative(Principal user) {
         Enumeration<Permission> individualNegative = zeroSet.elements();
         AclEntry ae = deniedUsersTable.get(user);
@@ -356,10 +376,20 @@ private Enumeration<Permission> getIndividualNegative(Principal user) {
     }
 }
 
+/**
+ * @deprecated Acl in java.security.acl has been deprecated and marked for removal
+ * @deprecated AclEntry in java.security.acl has been deprecated and marked for removal
+ */
+@Deprecated
 final class AclEnumerator implements Enumeration<AclEntry> {
-    Acl acl;
+    @Deprecated Acl acl;
     Enumeration<AclEntry> u1, u2, g1, g2;
 
+    /**
+     * @deprecated AclEntry in java.security.acl has been deprecated and marked for removal
+     * @deprecated Acl in java.security.acl has been deprecated and marked for removal
+     */
+    @Deprecated
     AclEnumerator(Acl acl, Hashtable<Principal, AclEntry> u1, Hashtable<Principal, AclEntry> g1,
             Hashtable<Principal, AclEntry> u2, Hashtable<Principal, AclEntry> g2) {
         this.acl = acl;

org/mozilla/jss/netscape/security/acl/GroupImpl.java

@@ -26,7 +26,9 @@
  * This class implements a group of principals.
  *
  * @author Satish Dharmaraj
+ * @deprecated Group in java.security.acl has been deprecated and marked for removal
  */
+@Deprecated
 public class GroupImpl implements Group {
     private Vector<Principal> groupMembers = new Vector<Principal>(50, 100);
     private String group;
@@ -82,7 +84,9 @@ public Enumeration<Principal> members() {
      * the group represented in this interface.
      *
      * @param another The group to compare this group to.
+     * @deprecated Group in java.security.acl has been deprecated and marked for removal
      */
+    @Deprecated
     public boolean equals(Group another) {
         return group.equals(another.toString());
     }
@@ -107,7 +111,9 @@ public int hashCode() {
      * @param member The principal whose membership must be checked for.
      * @return true if the principal is a member of this group,
      *         false otherwise
+     * @deprecated Group in java.security.acl has been deprecated and marked for removal
      */
+    @Deprecated
     public boolean isMember(Principal member) {
 
         //
@@ -130,12 +136,15 @@ public String getName() {
         return group;
     }
 
-    //
-    // This function is the recursive search of groups for this
-    // implementation of the Group. The search proceeds building up
-    // a vector of already seen groups. Only new groups are considered,
-    // thereby avoiding loops.
-    //
+    /**
+     * This function is the recursive search of groups for this
+     * implementation of the Group. The search proceeds building up
+     * a vector of already seen groups. Only new groups are considered,
+     * thereby avoiding loops.
+     *
+     * @deprecated Group in java.security.acl has been deprecated and marked for removal
+     */
+    @Deprecated
     boolean isMemberRecurse(Principal member, Vector<Group> alreadySeen) {
         Enumeration<Principal> e = members();
         while (e.hasMoreElements()) {
@@ -155,12 +164,12 @@ boolean isMemberRecurse(Principal member, Vector<Group> alreadySeen) {
                 // case rather than clutter the interface by forcing the
                 // implementation of this method.)
                 //
-                GroupImpl g = (GroupImpl) p;
+                @Deprecated GroupImpl g = (GroupImpl) p;
                 alreadySeen.addElement(this);
                 if (!alreadySeen.contains(g))
                     mem = g.isMemberRecurse(member, alreadySeen);
             } else if (p instanceof Group) {
-                Group g = (Group) p;
+                @Deprecated Group g = (Group) p;
                 if (!alreadySeen.contains(g))
                     mem = g.isMember(member);
             }

org/mozilla/jss/netscape/security/acl/OwnerImpl.java

@@ -30,9 +30,11 @@
  * part of the constructor.
  *
  * @author Satish Dharmaraj
+ * @deprecated Owner in java.security.acl has been deprecated and marked for removal
  */
+@Deprecated
 public class OwnerImpl implements Owner {
-    private Group ownerGroup;
+    @Deprecated private Group ownerGroup;
 
     public OwnerImpl(Principal owner) {
         ownerGroup = new GroupImpl("AclOwners");
@@ -51,7 +53,9 @@ public OwnerImpl(Principal owner) {
      * @return true if success, false if already an owner.
      * @exception NotOwnerException if the caller principal is not on
      *                the owners list of the Acl.
+     * @deprecated LastOwnerException in java.security.acl has been deprecated and marked for removal
      */
+    @Deprecated
     public synchronized boolean addOwner(Principal caller, Principal owner)
             throws NotOwnerException {
         if (!isOwner(caller))
@@ -75,7 +79,9 @@ public synchronized boolean addOwner(Principal caller, Principal owner)
      *                the owners list of the Acl.
      * @exception LastOwnerException if there is only one owner left in the group, then
      *                deleteOwner would leave the ACL owner-less. This exception is raised in such a case.
+     * @deprecated LastOwnerException in java.security.acl has been deprecated and marked for removal
      */
+    @Deprecated
     public synchronized boolean deleteOwner(Principal caller, Principal owner)
             throws NotOwnerException, LastOwnerException {
         if (!isOwner(caller))
@@ -89,8 +95,7 @@ public synchronized boolean deleteOwner(Principal caller, Principal owner)
         if (e.hasMoreElements())
             return ownerGroup.removeMember(owner);
         else
-            throw new LastOwnerException();
-
+           throw new LastOwnerException();
     }
 
     /**

org/mozilla/jss/netscape/security/acl/WorldGroupImpl.java

@@ -23,9 +23,15 @@
  * This class implements a group of principals.
  *
  * @author Satish Dharmaraj
+ * @deprecated GroupImpl in org.mozilla.jss.netscape.security.acl has been deprecated
  */
+@Deprecated
 public class WorldGroupImpl extends GroupImpl {
 
+    /**
+     * @deprecated GroupImpl in org.mozilla.jss.netscape.security.acl has been deprecated
+     */
+    @Deprecated
     public WorldGroupImpl(String s) {
         super(s);
     }
@@ -35,7 +41,9 @@ public WorldGroupImpl(String s) {
      *
      * @param member The principal whose membership must be checked in this Group.
      * @return true always since this is the "world" group.
+     * @deprecated isMember(Principal) in GroupImpl has been deprecated
      */
+    @Deprecated
     public boolean isMember(Principal member) {
         return true;
     }

org/mozilla/jss/netscape/security/provider/DSA.java

@@ -435,8 +435,9 @@ static int[] SHA_7(int[] m1, int[] h) {
      *
      * </dl>
      *
-     * @deprecated
+     * @deprecated Replaced by engineSetParameter(AlgorithmParameterSpec params)
      */
+    @Deprecated
     protected void engineSetParameter(String key, Object param) {
 
         if (key.equals("KSEED")) {
@@ -470,8 +471,10 @@ protected void engineSetParameter(String key, Object param) {
      *
      * @return the value of the requested parameter.
      *
-     * @deprecated
+     * @deprecated no replacent given
+     * @see https://docs.oracle.com/javase/10/docs/api/java/security/SignatureSpi.html#engineGetParameter(java.lang.String)
      */
+    @Deprecated
     protected Object engineGetParameter(String key) {
         if (key.equals("KSEED")) {
             return KseedAsByteArray;

org/mozilla/jss/netscape/security/x509/AlgorithmId.java

@@ -190,6 +190,7 @@ private AlgorithmId(ObjectIdentifier oid, DerValue params)
      *
      * @deprecated use one of the other constructors.
      */
+    @Deprecated
     public AlgorithmId() {
     }
 

org/mozilla/jss/netscape/security/x509/CertAndKeyGen.java

@@ -86,6 +86,7 @@ public CertAndKeyGen(String keyType, String sigAlg)
      *
      * @deprecated All random numbers come from PKCS #11 now.
      */
+    @Deprecated
     public void setRandom(SecureRandom generator) {
     }
 
@@ -166,6 +167,7 @@ public PrivateKey getPrivateKey() {
      * @param myname X.500 name of the subject (who is also the issuer)
      * @param validity how long the certificate should be valid, in seconds
      */
+    @Deprecated
     public X509Cert getSelfCert(X500Name myname, long validity)
             throws InvalidKeyException, SignatureException, NoSuchAlgorithmException {
         X509Certificate cert;

org/mozilla/jss/netscape/security/x509/X509Cert.java

@@ -46,6 +46,7 @@
  * @deprecated Use the new X509Certificate class.
  *             This class is only restored for backwards compatibility.
  */
+@Deprecated
 public class X509Cert implements Certificate, Serializable {
 
     /**

org/mozilla/jss/pkcs11/KeyType.java

@@ -151,6 +151,7 @@ public String toString() {
      * @deprecated As of NSS 3.11, FORTEZZA is no longer supported.
      * This is just a placeholder for backward compatibility.
      */
+    @Deprecated
     static public final KeyType
     FORTEZZA = new KeyType(new Algorithm[0], "FORTEZZA");