From 91a02fe526481063d1d277f4ce8b8a10c4182c8c Mon Sep 17 00:00:00 2001
From: "Brian P. Hinz" <bphinz@users.sf.net>
Date: Tue, 22 Oct 2019 18:15:52 -0400
Subject: [PATCH] [java] Add support for java 9+ (removes support for java 7).
 Fixes #708,#771

---
 java/CMakeLists.txt                     |  2 +-
 java/com/tigervnc/rfb/CSecurityTLS.java | 20 ++++++++++++++++----
 2 files changed, 17 insertions(+), 5 deletions(-)

diff --git a/java/CMakeLists.txt b/java/CMakeLists.txt
index 22ca2d16..00213d5e 100644
--- a/java/CMakeLists.txt
+++ b/java/CMakeLists.txt
@@ -9,7 +9,7 @@ find_package(Java)
 
 set(DATA_DIR "${CMAKE_INSTALL_PREFIX}/share")
 
-set(DEFAULT_JAVACFLAGS "-source 7 -target 7 -encoding UTF-8 -Xlint:all,-serial,-cast,-unchecked,-fallthrough,-dep-ann,-deprecation,-rawtypes")
+set(DEFAULT_JAVACFLAGS "-source 8 -target 8 -encoding UTF-8 -Xlint:all,-serial,-cast,-unchecked,-fallthrough,-dep-ann,-deprecation,-rawtypes")
 set(JAVACFLAGS ${DEFAULT_JAVACFLAGS} CACHE STRING
   "Java compiler flags (Default: ${DEFAULT_JAVACFLAGS})")
 message(STATUS "Java compiler flags = ${JAVACFLAGS}")
diff --git a/java/com/tigervnc/rfb/CSecurityTLS.java b/java/com/tigervnc/rfb/CSecurityTLS.java
index e07ab9bb..4524b1b7 100644
--- a/java/com/tigervnc/rfb/CSecurityTLS.java
+++ b/java/com/tigervnc/rfb/CSecurityTLS.java
@@ -3,7 +3,7 @@
  * Copyright (C) 2005 Martin Koegler
  * Copyright (C) 2010 m-privacy GmbH
  * Copyright (C) 2010 TigerVNC Team
- * Copyright (C) 2011-2017 Brian P. Hinz
+ * Copyright (C) 2011-2019 Brian P. Hinz
  * Copyright (C) 2015 D. R. Commander.  All Rights Reserved.
  *
  * This is free software; you can redistribute it and/or modify
@@ -41,6 +41,7 @@ import java.io.IOException;
 import java.nio.ByteBuffer;
 import java.nio.charset.Charset;
 import java.util.ArrayList;
+import java.util.Base64;
 import java.util.Collection;
 import java.util.Collections;
 import java.util.Iterator;
@@ -50,7 +51,6 @@ import javax.naming.ldap.LdapName;
 import javax.naming.ldap.Rdn;
 import javax.net.ssl.HostnameVerifier;
 import javax.swing.JOptionPane;
-import javax.xml.bind.DatatypeConverter;
 
 import com.tigervnc.rdr.*;
 import com.tigervnc.network.*;
@@ -252,6 +252,18 @@ public class CSecurityTLS extends CSecurity {
       tm.checkClientTrusted(chain, authType);
     }
 
+    private final char[] hexCode = "0123456789ABCDEF".toCharArray();
+
+    private String printHexBinary(byte[] data)
+    {
+      StringBuilder r = new StringBuilder(data.length*2);
+      for (byte b : data) {
+        r.append(hexCode[(b >> 4) & 0xF]);
+        r.append(hexCode[(b & 0xF)]); 
+      }
+      return r.toString();
+    }
+
     public void checkServerTrusted(X509Certificate[] chain, String authType)
       throws CertificateException
     {
@@ -302,7 +314,7 @@ public class CSecurityTLS extends CSecurity {
           }
           if (certs == null || !certs.contains(cert)) {
             byte[] der = cert.getEncoded();
-            String pem = DatatypeConverter.printBase64Binary(der);
+            String pem = Base64.getEncoder().encodeToString(der);
             pem = pem.replaceAll("(.{64})", "$1\n");
             FileWriter fw = null;
             try {
@@ -345,7 +357,7 @@ public class CSecurityTLS extends CSecurity {
       try {
         MessageDigest md = MessageDigest.getInstance("SHA-1");
         md.update(cert.getEncoded());
-        thumbprint = DatatypeConverter.printHexBinary(md.digest());
+        thumbprint = printHexBinary(md.digest());
         thumbprint = thumbprint.replaceAll("..(?!$)", "$0 ");
       } catch(CertificateEncodingException e) {
         throw new SystemException(e.getMessage());
-- 
2.39.5