CRLException with the specified
+ * Creates a {@code CRLException} with the specified
* detail message and cause.
*
* @param message the detail message (which is saved for later retrieval
@@ -72,7 +72,7 @@
}
/**
- * Creates a CRLException with the specified cause
+ * Creates a {@code CRLException} with the specified cause
* and a detail message of (cause==null ? null : cause.toString())
* (which typically contains the class and detail message of
* cause).
--- old/src/share/classes/java/security/cert/CRLSelector.java 2013-06-21 18:29:48.893762891 -0700
+++ new/src/share/classes/java/security/cert/CRLSelector.java 2013-06-21 18:29:48.729762894 -0700
@@ -26,9 +26,9 @@
package java.security.cert;
/**
- * A selector that defines a set of criteria for selecting CRLs.
+ * A selector that defines a set of criteria for selecting {@code CRL}s.
* Classes that implement this interface are often used to specify
- * which CRLs should be retrieved from a CertStore.
+ * which {@code CRL}s should be retrieved from a {@code CertStore}.
* * Concurrent Access *
@@ -48,19 +48,19 @@
public interface CRLSelector extends Cloneable {
/**
- * Decides whether a CRL should be selected.
+ * Decides whether a {@code CRL} should be selected.
*
- * @param crl the CRL to be checked
- * @return true if the CRL should be selected,
- * false otherwise
+ * @param crl the {@code CRL} to be checked
+ * @return {@code true} if the {@code CRL} should be selected,
+ * {@code false} otherwise
*/
boolean match(CRL crl);
/**
- * Makes a copy of this CRLSelector. Changes to the
+ * Makes a copy of this {@code CRLSelector}. Changes to the
* copy will not affect the original and vice versa.
*
- * @return a copy of this CRLSelector
+ * @return a copy of this {@code CRLSelector}
*/
Object clone();
}
--- old/src/share/classes/java/security/cert/CertPath.java 2013-06-21 18:29:49.293762882 -0700
+++ new/src/share/classes/java/security/cert/CertPath.java 2013-06-21 18:29:49.133762886 -0700
@@ -36,56 +36,56 @@
* An immutable sequence of certificates (a certification path).
*
* This is an abstract class that defines the methods common to all
- * CertPaths. Subclasses can handle different kinds of
+ * {@code CertPath}s. Subclasses can handle different kinds of
* certificates (X.509, PGP, etc.).
*
- * All CertPath objects have a type, a list of
- * Certificates, and one or more supported encodings. Because the
- * CertPath class is immutable, a CertPath cannot
+ * All {@code CertPath} objects have a type, a list of
+ * {@code Certificate}s, and one or more supported encodings. Because the
+ * {@code CertPath} class is immutable, a {@code CertPath} cannot
* change in any externally visible way after being constructed. This
* stipulation applies to all public fields and methods of this class and any
* added or overridden by subclasses.
*
- * The type is a String that identifies the type of
- * Certificates in the certification path. For each
- * certificate cert in a certification path certPath,
- * cert.getType().equals(certPath.getType()) must be
- * true.
- *
- * The list of Certificates is an ordered List of
- * zero or more Certificates. This List and all
- * of the Certificates contained in it must be immutable.
+ * The type is a {@code String} that identifies the type of
+ * {@code Certificate}s in the certification path. For each
+ * certificate {@code cert} in a certification path {@code certPath},
+ * {@code cert.getType().equals(certPath.getType())} must be
+ * {@code true}.
+ *
+ * The list of {@code Certificate}s is an ordered {@code List} of + * zero or more {@code Certificate}s. This {@code List} and all + * of the {@code Certificate}s contained in it must be immutable. *
- * Each CertPath object must support one or more encodings
+ * Each {@code CertPath} object must support one or more encodings
* so that the object can be translated into a byte array for storage or
* transmission to other parties. Preferably, these encodings should be
* well-documented standards (such as PKCS#7). One of the encodings supported
- * by a CertPath is considered the default encoding. This
+ * by a {@code CertPath} is considered the default encoding. This
* encoding is used if no encoding is explicitly requested (for the
* {@link #getEncoded() getEncoded()} method, for instance).
*
- * All CertPath objects are also Serializable.
- * CertPath objects are resolved into an alternate
+ * All {@code CertPath} objects are also {@code Serializable}.
+ * {@code CertPath} objects are resolved into an alternate
* {@link CertPathRep CertPathRep} object during serialization. This allows
- * a CertPath object to be serialized into an equivalent
+ * a {@code CertPath} object to be serialized into an equivalent
* representation regardless of its underlying implementation.
*
- * CertPath objects can be created with a
- * CertificateFactory or they can be returned by other classes,
- * such as a CertPathBuilder.
+ * {@code CertPath} objects can be created with a
+ * {@code CertificateFactory} or they can be returned by other classes,
+ * such as a {@code CertPathBuilder}.
*
- * By convention, X.509 CertPaths (consisting of
- * X509Certificates), are ordered starting with the target
+ * By convention, X.509 {@code CertPath}s (consisting of
+ * {@code X509Certificate}s), are ordered starting with the target
* certificate and ending with a certificate issued by the trust anchor. That
* is, the issuer of one certificate is the subject of the following one. The
* certificate representing the {@link TrustAnchor TrustAnchor} should not be
- * included in the certification path. Unvalidated X.509 CertPaths
- * may not follow these conventions. PKIX CertPathValidators will
+ * included in the certification path. Unvalidated X.509 {@code CertPath}s
+ * may not follow these conventions. PKIX {@code CertPathValidator}s will
* detect any departure from these conventions that cause the certification
- * path to be invalid and throw a CertPathValidatorException.
+ * path to be invalid and throw a {@code CertPathValidatorException}.
*
*
Every implementation of the Java platform is required to support the
- * following standard CertPath encodings:
+ * following standard {@code CertPath} encodings:
*
* Concurrent Access *
- * All CertPath objects must be thread-safe. That is, multiple
+ * All {@code CertPath} objects must be thread-safe. That is, multiple
* threads may concurrently invoke the methods defined in this class on a
- * single CertPath object (or more than one) with no
- * ill effects. This is also true for the List returned by
- * CertPath.getCertificates.
+ * single {@code CertPath} object (or more than one) with no
+ * ill effects. This is also true for the {@code List} returned by
+ * {@code CertPath.getCertificates}.
*
- * Requiring CertPath objects to be immutable and thread-safe
+ * Requiring {@code CertPath} objects to be immutable and thread-safe
* allows them to be passed around to various pieces of code without worrying
* about coordinating access. Providing this thread-safety is
- * generally not difficult, since the CertPath and
- * List objects in question are immutable.
+ * generally not difficult, since the {@code CertPath} and
+ * {@code List} objects in question are immutable.
*
* @see CertificateFactory
* @see CertPathBuilder
@@ -124,25 +124,25 @@
private String type; // the type of certificates in this chain
/**
- * Creates a CertPath of the specified type.
+ * Creates a {@code CertPath} of the specified type.
*
* This constructor is protected because most users should use a
- *
* This algorithm is implemented by this method. If it is overridden,
* the behavior specified here must be maintained.
@@ -195,14 +195,14 @@
* Returns the hashcode for this certification path. The hash code of
* a certification path is defined to be the result of the following
* calculation:
- *
* This class uses a provider-based architecture.
- * To create a Once a Once a {@code CertPathBuilder} object has been created, certification
* paths can be constructed by calling the {@link #build build} method and
* passing it an algorithm-specific set of parameters. If successful, the
- * result (including the The {@link #getRevocationChecker} method allows an application to specify
@@ -67,7 +67,7 @@
*
*
* Every implementation of the Java platform is required to support the
- * following standard
* However, this is not true for the non-static methods defined by this class.
* Unless otherwise documented by a specific provider, threads that need to
- * access a single This method traverses the list of registered security Providers,
@@ -142,13 +142,13 @@
* Note that the list of registered providers may be retrieved via
* the {@link Security#getProviders() Security.getProviders()} method.
*
- * @param algorithm the name of the requested A new CertPathBuilder object encapsulating the
@@ -177,7 +177,7 @@
* Note that the list of registered providers may be retrieved via
* the {@link Security#getProviders() Security.getProviders()} method.
*
- * @param algorithm the name of the requested A new CertPathBuilder object encapsulating the
@@ -217,7 +217,7 @@
* object is returned. Note that the specified Provider object
* does not have to be registered in the provider list.
*
- * @param algorithm the name of the requested
- * A
@@ -53,7 +53,7 @@
private static final long serialVersionUID = 5316471420178794402L;
/**
- * Creates a
- * At a minimum, a
* Concurrent Access
*
* Instances of this class need not be protected against concurrent
* access from multiple threads. Threads that need to access a single
- *
- * However, implementations of
* This class uses a provider-based architecture.
- * To create a Once a Once a {@code CertPathValidator} object has been created, it can
* be used to validate certification paths by calling the {@link #validate
- * validate} method and passing it the The {@link #getRevocationChecker} method allows an application to specify
* additional algorithm-specific parameters and options used by the
@@ -69,7 +69,7 @@
*
*
* Every implementation of the Java platform is required to support the
- * following standard
* However, this is not true for the non-static methods defined by this class.
* Unless otherwise documented by a specific provider, threads that need to
- * access a single This method traverses the list of registered security Providers,
@@ -143,13 +143,13 @@
* Note that the list of registered providers may be retrieved via
* the {@link Security#getProviders() Security.getProviders()} method.
*
- * @param algorithm the name of the requested A new CertPathValidator object encapsulating the
@@ -178,7 +178,7 @@
* Note that the list of registered providers may be retrieved via
* the {@link Security#getProviders() Security.getProviders()} method.
*
- * @param algorithm the name of the requested A new CertPathValidator object encapsulating the
@@ -219,7 +219,7 @@
* object is returned. Note that the specified Provider object
* does not have to be registered in the provider list.
*
- * @param algorithm the name of the requested
- * The
- * A
- * A
* Concurrent Access
*
* Instances of this class need not be protected against concurrent
* access from multiple threads. Threads that need to access a single
- *
- * However, implementations of
- * The
* Concurrent Access
*
@@ -49,19 +49,19 @@
public interface CertSelector extends Cloneable {
/**
- * Decides whether a
* This class uses a provider-based architecture.
- * To create a
- * Once the
* Unlike a {@link java.security.KeyStore KeyStore}, which provides access
* to a cache of private keys and trusted certificates, a
- * Every implementation of the Java platform is required to support the
- * following standard
* Concurrent Access
*
- * All public methods of
* The static methods of this class are also guaranteed to be thread-safe.
@@ -104,13 +104,13 @@
private CertStoreParameters params;
/**
- * Creates a
- * For some
- * Some
- * For some
- * Some This method traverses the list of registered security Providers,
@@ -195,29 +195,29 @@
* Note that the list of registered providers may be retrieved via
* the {@link Security#getProviders() Security.getProviders()} method.
*
- * The The {@code CertStore} that is returned is initialized with the
+ * specified {@code CertStoreParameters}. The type of parameters
+ * needed may vary between different types of {@code CertStore}s.
+ * Note that the specified {@code CertStoreParameters} object is
* cloned.
*
- * @param type the name of the requested A new CertStore object encapsulating the
* CertStoreSpi implementation from the specified provider
@@ -255,23 +255,23 @@
* Note that the list of registered providers may be retrieved via
* the {@link Security#getProviders() Security.getProviders()} method.
*
- * The The {@code CertStore} that is returned is initialized with the
+ * specified {@code CertStoreParameters}. The type of parameters
+ * needed may vary between different types of {@code CertStore}s.
+ * Note that the specified {@code CertStoreParameters} object is
* cloned.
*
- * @param type the requested A new CertStore object encapsulating the
* CertStoreSpi implementation from the specified Provider
* object is returned. Note that the specified Provider object
* does not have to be registered in the provider list.
*
- * The The {@code CertStore} that is returned is initialized with the
+ * specified {@code CertStoreParameters}. The type of parameters
+ * needed may vary between different types of {@code CertStore}s.
+ * Note that the specified {@code CertStoreParameters} object is
* cloned.
*
- * @param type the requested
- * A
@@ -53,7 +53,7 @@
private static final long serialVersionUID = 2395296107471573245L;
/**
- * Creates a
* The purpose of this interface is to group (and provide type safety for)
- * all
- * Typically, a
* The precise meaning of "copy" may depend on the class of
- * the
- * Note that the
* Each subclass should state the precise behavior of this method so
* that users and developers know what to expect.
*
- * @return a copy of this
* Concurrent Access
*
- * The public methods of all
- * Simple
- * For some
- * Some
- * For some
- * Some This method was added to version 1.8 of the Java Platform
* Standard Edition. In order to maintain backwards compatibility with
- * existing service providers, this method cannot be For encodings consisting of multiple certificates, use
- * A certificate factory for X.509 must return certificates that are an
- * instance of The following example reads a file with Base64 encoded certificates,
* which are each bounded at the beginning by -----BEGIN CERTIFICATE-----, and
* bounded at the end by -----END CERTIFICATE-----. We convert the
- *
*
@@ -92,11 +92,11 @@
*
*
* Every implementation of the Java platform is required to support the
- * following standard In order to take advantage of the specialized certificate format
* supported by this certificate factory,
* the returned certificate object can be typecast to the corresponding
* certificate class. For example, if this certificate
* factory implements X.509 certificates, the returned certificate object
- * can be typecast to the In the case of a certificate factory for X.509 certificates, the
- * certificate provided in
- * Attempts to modify the returned
* The certificates supplied must be of a type supported by the
- * In order to take advantage of the specialized certificate format
* supported by this certificate factory, each element in
* the returned collection view can be typecast to the corresponding
* certificate class. For example, if this certificate
* factory implements X.509 certificates, the elements in the returned
- * collection can be typecast to the In the case of a certificate factory for X.509 certificates,
- * In order to take advantage of the specialized CRL format
* supported by this certificate factory,
* the returned CRL object can be typecast to the corresponding
* CRL class. For example, if this certificate
* factory implements X.509 CRLs, the returned CRL object
- * can be typecast to the Note that if the given input stream does not support
* {@link java.io.InputStream#mark(int) mark} and
@@ -482,7 +482,7 @@
* end-of-CRL marker. If the data in the
* input stream does not contain an inherent end-of-CRL marker (other
* than EOF) and there is trailing data after the CRL is parsed, a
- * In order to take advantage of the specialized CRL format
* supported by this certificate factory, each element in
* the returned collection view can be typecast to the corresponding
* CRL class. For example, if this certificate
* factory implements X.509 CRLs, the elements in the returned
- * collection can be typecast to the In the case of a certificate factory for X.509 CRLs,
- * Certificate factories are used to generate certificate, certification path
- * ( A certificate factory for X.509 must return certificates that are an
- * instance of In order to take advantage of the specialized certificate format
* supported by this certificate factory,
* the returned certificate object can be typecast to the corresponding
* certificate class. For example, if this certificate
* factory implements X.509 certificates, the returned certificate object
- * can be typecast to the In the case of a certificate factory for X.509 certificates, the
- * certificate provided in This method was added to version 1.4 of the Java 2 Platform
* Standard Edition. In order to maintain backwards compatibility with
- * existing service providers, this method cannot be This method was added to version 1.4 of the Java 2 Platform
* Standard Edition. In order to maintain backwards compatibility with
- * existing service providers, this method cannot be
* The certificates supplied must be of a type supported by the
- * This method was added to version 1.4 of the Java 2 Platform
* Standard Edition. In order to maintain backwards compatibility with
- * existing service providers, this method cannot be
- * Attempts to modify the returned This method was added to version 1.4 of the Java 2 Platform
* Standard Edition. In order to maintain backwards compatibility with
- * existing service providers, this method cannot be In order to take advantage of the specialized certificate format
* supported by this certificate factory, each element in
* the returned collection view can be typecast to the corresponding
* certificate class. For example, if this certificate
* factory implements X.509 certificates, the elements in the returned
- * collection can be typecast to the In the case of a certificate factory for X.509 certificates,
- * In order to take advantage of the specialized CRL format
* supported by this certificate factory,
* the returned CRL object can be typecast to the corresponding
* CRL class. For example, if this certificate
* factory implements X.509 CRLs, the returned CRL object
- * can be typecast to the Note that if the given input stream does not support
* {@link java.io.InputStream#mark(int) mark} and
@@ -265,7 +265,7 @@
* end-of-CRL marker. If the data in the
* input stream does not contain an inherent end-of-CRL marker (other
* than EOF) and there is trailing data after the CRL is parsed, a
- * In order to take advantage of the specialized CRL format
* supported by this certificate factory, each element in
* the returned collection view can be typecast to the corresponding
* CRL class. For example, if this certificate
* factory implements X.509 CRLs, the elements in the returned
- * collection can be typecast to the In the case of a certificate factory for X.509 CRLs,
- *
* This class is used to provide necessary configuration parameters
- * to implementations of the Collection
* Concurrent Access
@@ -58,30 +58,30 @@
private Collection coll;
/**
- * Creates an instance of
- * The
- * If the
* This class is used to provide necessary configuration parameters (server
- * name and port number) to implementations of the LDAP
* Concurrent Access
@@ -59,13 +59,13 @@
private String serverName;
/**
- * Creates an instance of
* Note: this method currently performs a shallow copy of the object
- * (simply calls
- * A PKIX To instantiate a To instantiate a {@code PKIXBuilderParameters} object, an
* application must specify one or more most-trusted CAs as defined by
* the PKIX certification path validation algorithm. The most-trusted CA
* can be specified using one of two constructors. An application
* can call {@link #PKIXBuilderParameters(Set, CertSelector)
* PKIXBuilderParameters(Set, CertSelector)}, specifying a
- * In addition, an application must specify constraints on the target
- * certificate that the
* Concurrent Access
*
@@ -80,23 +80,23 @@
private int maxPathLength = 5;
/**
- * Creates an instance of Note that the Note that the {@code Set} is copied to protect against
* subsequent modifications.
*
- * @param trustAnchors a A value of 0 implies that the path can only contain
@@ -149,14 +149,14 @@
* Setting a value less than -1 will cause an exception to be thrown.
*
* If any of the CA certificates contain the
- * Instances of Instances of {@code PKIXCertPathBuilderResult} are returned by
+ * the {@code build} method of {@code CertPathBuilder}
* objects implementing the PKIX algorithm.
*
- * All All {@code PKIXCertPathBuilderResult} objects contain the
* certification path constructed by the build algorithm, the
* valid policy tree and subject public key resulting from the build
- * algorithm, and a
* Concurrent Access
@@ -62,18 +62,18 @@
private CertPath certPath;
/**
- * Creates an instance of A concrete implementation of the A concrete implementation of the {@code PKIXCertPathChecker} class
* can be created to extend the PKIX certification path validation algorithm.
* For example, an implementation may check for and process a critical private
* extension of each certificate in a certification path.
*
- * Instances of Instances of {@code PKIXCertPathChecker} are passed as parameters
* using the {@link PKIXParameters#setCertPathCheckers setCertPathCheckers}
* or {@link PKIXParameters#addCertPathChecker addCertPathChecker} methods
- * of the A A {@code PKIXCertPathChecker} may be called multiple times on
* successive certificates in a certification path. Concrete subclasses
* are expected to maintain any internal state that may be necessary to
* check successive certificates. The {@link #init init} method is used
* to initialize the internal state of the checker so that the certificates
* of a new certification path may be checked. A stateful implementation
* must override the {@link #clone clone} method if necessary in
- * order to allow a PKIX The order in which the certificates are presented to the
- *
- * The
- * Each element of the set is a
- * All X.509 certificate extensions that a Instances of Instances of {@code PKIXCertPathValidatorResult} are returned by the
* {@link CertPathValidator#validate validate} method of
- * All All {@code PKIXCertPathValidatorResult} objects contain the
* valid policy tree and subject public key resulting from the
- * validation algorithm, as well as a
@@ -62,16 +62,16 @@
private PublicKey subjectPublicKey;
/**
- * Creates an instance of Most applications will not need to examine the valid policy tree.
* They can achieve their policy processing goals by setting the
- * policy-related parameters in
- * A PKIX To instantiate a To instantiate a {@code PKIXParameters} object, an
* application must specify one or more most-trusted CAs as defined by
* the PKIX certification path validation algorithm. The most-trusted CAs
* can be specified using one of two constructors. An application
* can call {@link #PKIXParameters(Set) PKIXParameters(Set)},
- * specifying a
- * Once a
- * Any parameter that is not set (or is set to
@@ -99,20 +99,20 @@
private CertSelector certSelector;
/**
- * Creates an instance of
- * Note that the
- * Note that the
- * Note that the
- * Note that the
- * When a When a When a {@code PKIXParameters} object is created, this flag is
* set to true. This setting reflects the most common (and simplest)
* strategy for processing policy qualifiers. Applications that want to use
* a more sophisticated policy must set this flag to false.
@@ -459,7 +459,7 @@
* extension that is marked critical are rejected.
* If the flag is false, certificates are not rejected on this basis.
*
- * When a When a {@code PKIXParameters} object is created, this flag is
* set to true. This setting reflects the most common (and simplest)
* strategy for processing policy qualifiers. Applications that want to use
* a more sophisticated policy must set this flag to false.
@@ -473,12 +473,12 @@
/**
* Returns the time for which the validity of the certification path
- * should be determined. If
- * Note that the
- * Note that the
- * Each
* This method allows sophisticated applications to extend a PKIX
- *
- * Regardless of whether these additional
- * Note that the
- * Note that the Note that the Note that the {@code CertSelector} returned is cloned
* to protect against subsequent modifications.
*
- * @return a Note that the Note that the {@code CertSelector} specified is cloned
* to protect against subsequent modifications.
*
- * @param selector a Most applications will not need to examine the valid policy tree.
* They can achieve their policy processing goals by setting the
- * policy-related parameters in Concurrent Access
- * All All {@code PolicyNode} objects must be immutable and
* thread-safe. Multiple threads may concurrently invoke the methods defined
- * in this class on a single
- * A Concurrent Access
*
- * All All {@code PolicyQualifierInfo} objects must be immutable and
* thread-safe. That is, multiple threads may concurrently invoke the
- * methods defined in this class on a single
* Concurrent Access
*
- * All All {@code TrustAnchor} objects must be immutable and
* thread-safe. That is, multiple threads may concurrently invoke the
- * methods defined in this class on a single
@@ -82,7 +82,7 @@
* RFC 3280
* and X.509. The ASN.1 definition of this structure appears below.
*
- *
* Note that the name constraints byte array supplied is cloned to protect
* against subsequent modifications.
*
- * @param trustedCert a trusted
- * The ASN.1 definition of
* CRLs are instantiated using a certificate factory. The following is an
* example of how to instantiate an X.509 CRL:
- *
- * Gets the
* It is recommended that subclasses override this method.
*
- * @return an The algorithm name is determined from the The algorithm name is determined from the {@code algorithm}
* OID string.
*
* @return the signature algorithm name.
--- old/src/share/classes/java/security/cert/X509CRLEntry.java 2013-06-21 18:30:04.261762575 -0700
+++ new/src/share/classes/java/security/cert/X509CRLEntry.java 2013-06-21 18:30:04.101762579 -0700
@@ -68,8 +68,8 @@
/**
* Compares this CRL entry for equality with the given
- * object. If the
- * When first constructed, an
@@ -86,35 +86,35 @@
private long skew = 0;
/**
- * Creates an
* This method allows the caller to specify, with a single method call,
- * the complete set of issuer names which
- * The
- * Note that the
- * Note that a copy is performed on the
* Sets the issuerNames criterion. The issuer distinguished name in the
- *
* This method allows the caller to specify, with a single method call,
- * the complete set of issuer names which
- * The
- * Note that the
* If a name is specified as a byte array, it should contain a single DER
* encoded distinguished name, as defined in X.501. The ASN.1 notation for
* this structure is as follows.
- *
- * Note that a deep copy is performed on the
* This method allows the caller to add a name to the set of issuer names
- * which
* Adds a name to the issuerNames criterion. The issuer distinguished
- * name in the
* This method allows the caller to add a name to the set of issuer names
- * which
* This method allows the caller to add a name to the set of issuer names
- * which CertificateFactory to create CertPaths.
+ * {@code CertificateFactory} to create {@code CertPath}s.
*
* @param type the standard name of the type of
- * Certificates in this path
+ * {@code Certificate}s in this path
*/
protected CertPath(String type) {
this.type = type;
}
/**
- * Returns the type of Certificates in this certification
+ * Returns the type of {@code Certificate}s in this certification
* path. This is the same string that would be returned by
* {@link java.security.cert.Certificate#getType() cert.getType()}
- * for all Certificates in the certification path.
+ * for all {@code Certificate}s in the certification path.
*
- * @return the type of Certificates in this certification
+ * @return the type of {@code Certificate}s in this certification
* path (never null)
*/
public String getType() {
@@ -152,21 +152,21 @@
/**
* Returns an iteration of the encodings supported by this certification
* path, with the default encoding first. Attempts to modify the returned
- * Iterator via its remove method result in an
- * UnsupportedOperationException.
+ * {@code Iterator} via its {@code remove} method result in an
+ * {@code UnsupportedOperationException}.
*
- * @return an Iterator over the names of the supported
+ * @return an {@code Iterator} over the names of the supported
* encodings (as Strings)
*/
public abstract IteratorCertPaths are equal if and only if their
- * types are equal and their certificate Lists (and by
- * implication the Certificates in those Lists)
- * are equal. A CertPath is never equal to an object that is
- * not a CertPath.
+ * object. Two {@code CertPath}s are equal if and only if their
+ * types are equal and their certificate {@code List}s (and by
+ * implication the {@code Certificate}s in those {@code List}s)
+ * are equal. A {@code CertPath} is never equal to an object that is
+ * not a {@code CertPath}.
*
- * This ensures that
+ * {@code
* hashCode = path.getType().hashCode();
* hashCode = 31*hashCode + path.getCertificates().hashCode();
- * path1.equals(path2) implies that
- * path1.hashCode()==path2.hashCode() for any two certification
- * paths, path1 and path2, as required by the
- * general contract of Object.hashCode.
+ * }
+ * This ensures that {@code path1.equals(path2)} implies that
+ * {@code path1.hashCode()==path2.hashCode()} for any two certification
+ * paths, {@code path1} and {@code path2}, as required by the
+ * general contract of {@code Object.hashCode}.
*
* @return the hashcode value for this certification path
*/
@@ -214,8 +214,8 @@
/**
* Returns a string representation of this certification path.
- * This calls the toString method on each of the
- * Certificates in the path.
+ * This calls the {@code toString} method on each of the
+ * {@code Certificate}s in the path.
*
* @return a string representation of this certification path
*/
@@ -266,20 +266,20 @@
/**
* Returns the list of certificates in this certification path.
- * The List returned must be immutable and thread-safe.
+ * The {@code List} returned must be immutable and thread-safe.
*
- * @return an immutable List of Certificates
+ * @return an immutable {@code List} of {@code Certificate}s
* (may be empty, but not null)
*/
public abstract List getCertificates();
/**
- * Replaces the CertPath to be serialized with a
- * CertPathRep object.
+ * Replaces the {@code CertPath} to be serialized with a
+ * {@code CertPathRep} object.
*
- * @return the CertPathRep to be serialized
+ * @return the {@code CertPathRep} to be serialized
*
- * @throws ObjectStreamException if a CertPathRep object
+ * @throws ObjectStreamException if a {@code CertPathRep} object
* representing this certification path could not be created
*/
protected Object writeReplace() throws ObjectStreamException {
@@ -295,7 +295,7 @@
}
/**
- * Alternate CertPath class for serialization.
+ * Alternate {@code CertPath} class for serialization.
* @since 1.4
*/
protected static class CertPathRep implements Serializable {
@@ -308,10 +308,10 @@
private byte[] data;
/**
- * Creates a CertPathRep with the specified
+ * Creates a {@code CertPathRep} with the specified
* type and encoded form of a certification path.
*
- * @param type the standard name of a CertPath type
+ * @param type the standard name of a {@code CertPath} type
* @param data the encoded form of the certification path
*/
protected CertPathRep(String type, byte[] data) {
@@ -320,11 +320,11 @@
}
/**
- * Returns a CertPath constructed from the type and data.
+ * Returns a {@code CertPath} constructed from the type and data.
*
- * @return the resolved CertPath object
+ * @return the resolved {@code CertPath} object
*
- * @throws ObjectStreamException if a CertPath could not
+ * @throws ObjectStreamException if a {@code CertPath} could not
* be constructed
*/
protected Object readResolve() throws ObjectStreamException {
--- old/src/share/classes/java/security/cert/CertPathBuilder.java 2013-06-21 18:29:49.697762874 -0700
+++ new/src/share/classes/java/security/cert/CertPathBuilder.java 2013-06-21 18:29:49.541762877 -0700
@@ -41,16 +41,16 @@
* A class for building certification paths (also known as certificate chains).
* CertPathBuilder, call
- * one of the static getInstance methods, passing in the
- * algorithm name of the CertPathBuilder desired and optionally
+ * To create a {@code CertPathBuilder}, call
+ * one of the static {@code getInstance} methods, passing in the
+ * algorithm name of the {@code CertPathBuilder} desired and optionally
* the name of the provider desired.
*
- * CertPathBuilder object has been created, certification
+ * CertPath that was built) is returned
- * in an object that implements the CertPathBuilderResult
+ * result (including the {@code CertPath} that was built) is returned
+ * in an object that implements the {@code CertPathBuilderResult}
* interface.
*
* CertPathBuilder algorithm:
+ * following standard {@code CertPathBuilder} algorithm:
*
*
@@ -87,9 +87,9 @@
* CertPathBuilder instance concurrently should
+ * access a single {@code CertPathBuilder} instance concurrently should
* synchronize amongst themselves and provide the necessary locking. Multiple
- * threads each manipulating a different CertPathBuilder instance
+ * threads each manipulating a different {@code CertPathBuilder} instance
* need not synchronize.
*
* @see CertPath
@@ -114,7 +114,7 @@
private final String algorithm;
/**
- * Creates a CertPathBuilder object of the given algorithm,
+ * Creates a {@code CertPathBuilder} object of the given algorithm,
* and encapsulates the given provider implementation (SPI object) in it.
*
* @param builderSpi the provider implementation
@@ -130,7 +130,7 @@
}
/**
- * Returns a CertPathBuilder object that implements the
+ * Returns a {@code CertPathBuilder} object that implements the
* specified algorithm.
*
* CertPathBuilder
+ * @param algorithm the name of the requested {@code CertPathBuilder}
* algorithm. See the CertPathBuilder section in the
* Java Cryptography Architecture Standard Algorithm Name Documentation
* for information about standard algorithm names.
*
- * @return a CertPathBuilder object that implements the
+ * @return a {@code CertPathBuilder} object that implements the
* specified algorithm.
*
* @throws NoSuchAlgorithmException if no Provider supports a
@@ -166,7 +166,7 @@
}
/**
- * Returns a CertPathBuilder object that implements the
+ * Returns a {@code CertPathBuilder} object that implements the
* specified algorithm.
*
* CertPathBuilder
+ * @param algorithm the name of the requested {@code CertPathBuilder}
* algorithm. See the CertPathBuilder section in the
* Java Cryptography Architecture Standard Algorithm Name Documentation
@@ -185,7 +185,7 @@
*
* @param provider the name of the provider.
*
- * @return a CertPathBuilder object that implements the
+ * @return a {@code CertPathBuilder} object that implements the
* specified algorithm.
*
* @throws NoSuchAlgorithmException if a CertPathBuilderSpi
@@ -195,7 +195,7 @@
* @throws NoSuchProviderException if the specified provider is not
* registered in the security provider list.
*
- * @exception IllegalArgumentException if the provider is
+ * @exception IllegalArgumentException if the {@code provider} is
* null or empty.
*
* @see java.security.Provider
@@ -209,7 +209,7 @@
}
/**
- * Returns a CertPathBuilder object that implements the
+ * Returns a {@code CertPathBuilder} object that implements the
* specified algorithm.
*
* CertPathBuilder
+ * @param algorithm the name of the requested {@code CertPathBuilder}
* algorithm. See the CertPathBuilder section in the
* Java Cryptography Architecture Standard Algorithm Name Documentation
@@ -225,14 +225,14 @@
*
* @param provider the provider.
*
- * @return a CertPathBuilder object that implements the
+ * @return a {@code CertPathBuilder} object that implements the
* specified algorithm.
*
* @exception NoSuchAlgorithmException if a CertPathBuilderSpi
* implementation for the specified algorithm is not available
* from the specified Provider object.
*
- * @exception IllegalArgumentException if the provider is
+ * @exception IllegalArgumentException if the {@code provider} is
* null.
*
* @see java.security.Provider
@@ -246,18 +246,18 @@
}
/**
- * Returns the provider of this CertPathBuilder.
+ * Returns the provider of this {@code CertPathBuilder}.
*
- * @return the provider of this CertPathBuilder
+ * @return the provider of this {@code CertPathBuilder}
*/
public final Provider getProvider() {
return this.provider;
}
/**
- * Returns the name of the algorithm of this CertPathBuilder.
+ * Returns the name of the algorithm of this {@code CertPathBuilder}.
*
- * @return the name of the algorithm of this CertPathBuilder
+ * @return the name of the algorithm of this {@code CertPathBuilder}
*/
public final String getAlgorithm() {
return this.algorithm;
@@ -272,7 +272,7 @@
* @throws CertPathBuilderException if the builder is unable to construct
* a certification path that satisfies the specified parameters
* @throws InvalidAlgorithmParameterException if the specified parameters
- * are inappropriate for this CertPathBuilder
+ * are inappropriate for this {@code CertPathBuilder}
*/
public final CertPathBuilderResult build(CertPathParameters params)
throws CertPathBuilderException, InvalidAlgorithmParameterException
--- old/src/share/classes/java/security/cert/CertPathBuilderException.java 2013-06-21 18:29:50.101762866 -0700
+++ new/src/share/classes/java/security/cert/CertPathBuilderException.java 2013-06-21 18:29:49.941762869 -0700
@@ -29,9 +29,9 @@
/**
* An exception indicating one of a variety of problems encountered when
- * building a certification path with a CertPathBuilder.
+ * building a certification path with a {@code CertPathBuilder}.
* CertPathBuilderException provides support for wrapping
+ * A {@code CertPathBuilderException} provides support for wrapping
* exceptions. The {@link #getCause getCause} method returns the throwable,
* if any, that caused this exception to be thrown.
* CertPathBuilderException with null
+ * Creates a {@code CertPathBuilderException} with {@code null}
* as its detail message.
*/
public CertPathBuilderException() {
@@ -61,8 +61,8 @@
}
/**
- * Creates a CertPathBuilderException with the given
- * detail message. The detail message is a String that
+ * Creates a {@code CertPathBuilderException} with the given
+ * detail message. The detail message is a {@code String} that
* describes this particular exception in more detail.
*
* @param msg the detail message
@@ -72,16 +72,16 @@
}
/**
- * Creates a CertPathBuilderException that wraps the specified
+ * Creates a {@code CertPathBuilderException} that wraps the specified
* throwable. This allows any exception to be converted into a
- * CertPathBuilderException, while retaining information
+ * {@code CertPathBuilderException}, while retaining information
* about the wrapped exception, which may be useful for debugging. The
- * detail message is set to (cause==null ? null : cause.toString()
- * ) (which typically contains the class and detail message of
+ * detail message is set to ({@code cause==null ? null : cause.toString()})
+ * (which typically contains the class and detail message of
* cause).
*
* @param cause the cause (which is saved for later retrieval by the
- * {@link #getCause getCause()} method). (A null value is
+ * {@link #getCause getCause()} method). (A {@code null} value is
* permitted, and indicates that the cause is nonexistent or unknown.)
*/
public CertPathBuilderException(Throwable cause) {
@@ -89,12 +89,12 @@
}
/**
- * Creates a CertPathBuilderException with the specified
+ * Creates a {@code CertPathBuilderException} with the specified
* detail message and cause.
*
* @param msg the detail message
* @param cause the cause (which is saved for later retrieval by the
- * {@link #getCause getCause()} method). (A null value is
+ * {@link #getCause getCause()} method). (A {@code null} value is
* permitted, and indicates that the cause is nonexistent or unknown.)
*/
public CertPathBuilderException(String msg, Throwable cause) {
--- old/src/share/classes/java/security/cert/CertPathBuilderResult.java 2013-06-21 18:29:50.505762858 -0700
+++ new/src/share/classes/java/security/cert/CertPathBuilderResult.java 2013-06-21 18:29:50.345762861 -0700
@@ -30,8 +30,8 @@
* All results returned by the {@link CertPathBuilder#build
* CertPathBuilder.build} method must implement this interface.
* CertPathBuilderResult contains the
- * CertPath built by the CertPathBuilder instance.
+ * At a minimum, a {@code CertPathBuilderResult} contains the
+ * {@code CertPath} built by the {@code CertPathBuilder} instance.
* Implementations of this interface may add methods to return implementation
* or algorithm specific information, such as debugging information or
* certification path validation results.
@@ -54,15 +54,15 @@
/**
* Returns the built certification path.
*
- * @return the certification path (never null)
+ * @return the certification path (never {@code null})
*/
CertPath getCertPath();
/**
- * Makes a copy of this CertPathBuilderResult. Changes to the
+ * Makes a copy of this {@code CertPathBuilderResult}. Changes to the
* copy will not affect the original and vice versa.
*
- * @return a copy of this CertPathBuilderResult
+ * @return a copy of this {@code CertPathBuilderResult}
*/
Object clone();
}
--- old/src/share/classes/java/security/cert/CertPathBuilderSpi.java 2013-06-21 18:29:50.913762849 -0700
+++ new/src/share/classes/java/security/cert/CertPathBuilderSpi.java 2013-06-21 18:29:50.745762853 -0700
@@ -30,23 +30,23 @@
/**
* The Service Provider Interface (SPI)
* for the {@link CertPathBuilder CertPathBuilder} class. All
- * CertPathBuilder implementations must include a class (the
- * SPI class) that extends this class (CertPathBuilderSpi) and
+ * {@code CertPathBuilder} implementations must include a class (the
+ * SPI class) that extends this class ({@code CertPathBuilderSpi}) and
* implements all of its methods. In general, instances of this class should
- * only be accessed through the CertPathBuilder class. For
+ * only be accessed through the {@code CertPathBuilder} class. For
* details, see the Java Cryptography Architecture.
* CertPathBuilderSpi instance concurrently should synchronize
+ * {@code CertPathBuilderSpi} instance concurrently should synchronize
* amongst themselves and provide the necessary locking before calling the
- * wrapping CertPathBuilder object.
+ * wrapping {@code CertPathBuilder} object.
* CertPathBuilderSpi may still
+ * However, implementations of {@code CertPathBuilderSpi} may still
* encounter concurrency issues, since multiple threads each
- * manipulating a different CertPathBuilderSpi instance need not
+ * manipulating a different {@code CertPathBuilderSpi} instance need not
* synchronize.
*
* @since 1.4
@@ -68,7 +68,7 @@
* @throws CertPathBuilderException if the builder is unable to construct
* a certification path that satisfies the specified parameters
* @throws InvalidAlgorithmParameterException if the specified parameters
- * are inappropriate for this CertPathBuilder
+ * are inappropriate for this {@code CertPathBuilder}
*/
public abstract CertPathBuilderResult engineBuild(CertPathParameters params)
throws CertPathBuilderException, InvalidAlgorithmParameterException;
--- old/src/share/classes/java/security/cert/CertPathParameters.java 2013-06-21 18:29:51.305762841 -0700
+++ new/src/share/classes/java/security/cert/CertPathParameters.java 2013-06-21 18:29:51.149762844 -0700
@@ -28,8 +28,8 @@
/**
* A specification of certification path algorithm parameters.
* The purpose of this interface is to group (and provide type safety for)
- * all CertPath parameter specifications. All
- * CertPath parameter specifications must implement this
+ * all {@code CertPath} parameter specifications. All
+ * {@code CertPath} parameter specifications must implement this
* interface.
*
* @author Yassir Elley
@@ -40,10 +40,10 @@
public interface CertPathParameters extends Cloneable {
/**
- * Makes a copy of this CertPathParameters. Changes to the
+ * Makes a copy of this {@code CertPathParameters}. Changes to the
* copy will not affect the original and vice versa.
*
- * @return a copy of this CertPathParameters
+ * @return a copy of this {@code CertPathParameters}
*/
Object clone();
}
--- old/src/share/classes/java/security/cert/CertPathValidator.java 2013-06-21 18:29:51.701762833 -0700
+++ new/src/share/classes/java/security/cert/CertPathValidator.java 2013-06-21 18:29:51.541762836 -0700
@@ -42,17 +42,17 @@
* chains).
* CertPathValidator,
- * call one of the static getInstance methods, passing in the
- * algorithm name of the CertPathValidator desired and
+ * To create a {@code CertPathValidator},
+ * call one of the static {@code getInstance} methods, passing in the
+ * algorithm name of the {@code CertPathValidator} desired and
* optionally the name of the provider desired.
*
- * CertPathValidator object has been created, it can
+ * CertPath to be validated
+ * validate} method and passing it the {@code CertPath} to be validated
* and an algorithm-specific set of parameters. If successful, the result is
* returned in an object that implements the
- * CertPathValidatorResult interface.
+ * {@code CertPathValidatorResult} interface.
*
* CertPathValidator algorithm:
+ * following standard {@code CertPathValidator} algorithm:
*
*
@@ -89,9 +89,9 @@
* CertPathValidator instance concurrently should
+ * access a single {@code CertPathValidator} instance concurrently should
* synchronize amongst themselves and provide the necessary locking. Multiple
- * threads each manipulating a different CertPathValidator
+ * threads each manipulating a different {@code CertPathValidator}
* instance need not synchronize.
*
* @see CertPath
@@ -115,7 +115,7 @@
private final String algorithm;
/**
- * Creates a CertPathValidator object of the given algorithm,
+ * Creates a {@code CertPathValidator} object of the given algorithm,
* and encapsulates the given provider implementation (SPI object) in it.
*
* @param validatorSpi the provider implementation
@@ -131,7 +131,7 @@
}
/**
- * Returns a CertPathValidator object that implements the
+ * Returns a {@code CertPathValidator} object that implements the
* specified algorithm.
*
* CertPathValidator
+ * @param algorithm the name of the requested {@code CertPathValidator}
* algorithm. See the CertPathValidator section in the
* Java Cryptography Architecture Standard Algorithm Name Documentation
* for information about standard algorithm names.
*
- * @return a CertPathValidator object that implements the
+ * @return a {@code CertPathValidator} object that implements the
* specified algorithm.
*
* @exception NoSuchAlgorithmException if no Provider supports a
@@ -167,7 +167,7 @@
}
/**
- * Returns a CertPathValidator object that implements the
+ * Returns a {@code CertPathValidator} object that implements the
* specified algorithm.
*
* CertPathValidator
+ * @param algorithm the name of the requested {@code CertPathValidator}
* algorithm. See the CertPathValidator section in the
* Java Cryptography Architecture Standard Algorithm Name Documentation
@@ -186,7 +186,7 @@
*
* @param provider the name of the provider.
*
- * @return a CertPathValidator object that implements the
+ * @return a {@code CertPathValidator} object that implements the
* specified algorithm.
*
* @exception NoSuchAlgorithmException if a CertPathValidatorSpi
@@ -196,7 +196,7 @@
* @exception NoSuchProviderException if the specified provider is not
* registered in the security provider list.
*
- * @exception IllegalArgumentException if the provider is
+ * @exception IllegalArgumentException if the {@code provider} is
* null or empty.
*
* @see java.security.Provider
@@ -211,7 +211,7 @@
}
/**
- * Returns a CertPathValidator object that implements the
+ * Returns a {@code CertPathValidator} object that implements the
* specified algorithm.
*
* CertPathValidator
+ * @param algorithm the name of the requested {@code CertPathValidator}
* algorithm. See the CertPathValidator section in the
* Java Cryptography Architecture Standard Algorithm Name Documentation
@@ -227,14 +227,14 @@
*
* @param provider the provider.
*
- * @return a CertPathValidator object that implements the
+ * @return a {@code CertPathValidator} object that implements the
* specified algorithm.
*
* @exception NoSuchAlgorithmException if a CertPathValidatorSpi
* implementation for the specified algorithm is not available
* from the specified Provider object.
*
- * @exception IllegalArgumentException if the provider is
+ * @exception IllegalArgumentException if the {@code provider} is
* null.
*
* @see java.security.Provider
@@ -248,19 +248,19 @@
}
/**
- * Returns the Provider of this
- * CertPathValidator.
+ * Returns the {@code Provider} of this
+ * {@code CertPathValidator}.
*
- * @return the Provider of this CertPathValidator
+ * @return the {@code Provider} of this {@code CertPathValidator}
*/
public final Provider getProvider() {
return this.provider;
}
/**
- * Returns the algorithm name of this CertPathValidator.
+ * Returns the algorithm name of this {@code CertPathValidator}.
*
- * @return the algorithm name of this CertPathValidator
+ * @return the algorithm name of this {@code CertPathValidator}
*/
public final String getAlgorithm() {
return this.algorithm;
@@ -270,20 +270,20 @@
* Validates the specified certification path using the specified
* algorithm parameter set.
* CertPath specified must be of a type that is
+ * The {@code CertPath} specified must be of a type that is
* supported by the validation algorithm, otherwise an
- * InvalidAlgorithmParameterException will be thrown. For
- * example, a CertPathValidator that implements the PKIX
- * algorithm validates CertPath objects of type X.509.
+ * {@code InvalidAlgorithmParameterException} will be thrown. For
+ * example, a {@code CertPathValidator} that implements the PKIX
+ * algorithm validates {@code CertPath} objects of type X.509.
*
- * @param certPath the CertPath to be validated
+ * @param certPath the {@code CertPath} to be validated
* @param params the algorithm parameters
* @return the result of the validation algorithm
- * @exception CertPathValidatorException if the CertPath
+ * @exception CertPathValidatorException if the {@code CertPath}
* does not validate
* @exception InvalidAlgorithmParameterException if the specified
- * parameters or the type of the specified CertPath are
- * inappropriate for this CertPathValidator
+ * parameters or the type of the specified {@code CertPath} are
+ * inappropriate for this {@code CertPathValidator}
*/
public final CertPathValidatorResult validate(CertPath certPath,
CertPathParameters params)
--- old/src/share/classes/java/security/cert/CertPathValidatorException.java 2013-06-21 18:29:52.113762825 -0700
+++ new/src/share/classes/java/security/cert/CertPathValidatorException.java 2013-06-21 18:29:51.949762828 -0700
@@ -34,11 +34,11 @@
* An exception indicating one of a variety of problems encountered when
* validating a certification path.
* CertPathValidatorException provides support for wrapping
+ * A {@code CertPathValidatorException} provides support for wrapping
* exceptions. The {@link #getCause getCause} method returns the throwable,
* if any, that caused this exception to be thrown.
* CertPathValidatorException may also include the
+ * A {@code CertPathValidatorException} may also include the
* certification path that was being validated when the exception was thrown,
* the index of the certificate in the certification path that caused the
* exception to be thrown, and the reason that caused the failure. Use the
@@ -70,7 +70,7 @@
private int index = -1;
/**
- * @serial the CertPath that was being validated when
+ * @serial the {@code CertPath} that was being validated when
* the exception was thrown
*/
private CertPath certPath;
@@ -81,7 +81,7 @@
private Reason reason = BasicReason.UNSPECIFIED;
/**
- * Creates a CertPathValidatorException with
+ * Creates a {@code CertPathValidatorException} with
* no detail message.
*/
public CertPathValidatorException() {
@@ -89,8 +89,8 @@
}
/**
- * Creates a CertPathValidatorException with the given
- * detail message. A detail message is a String that
+ * Creates a {@code CertPathValidatorException} with the given
+ * detail message. A detail message is a {@code String} that
* describes this particular exception.
*
* @param msg the detail message
@@ -100,16 +100,16 @@
}
/**
- * Creates a CertPathValidatorException that wraps the
+ * Creates a {@code CertPathValidatorException} that wraps the
* specified throwable. This allows any exception to be converted into a
- * CertPathValidatorException, while retaining information
+ * {@code CertPathValidatorException}, while retaining information
* about the wrapped exception, which may be useful for debugging. The
- * detail message is set to (cause==null ? null : cause.toString()
- * ) (which typically contains the class and detail message of
+ * detail message is set to ({@code cause==null ? null : cause.toString()})
+ * (which typically contains the class and detail message of
* cause).
*
* @param cause the cause (which is saved for later retrieval by the
- * {@link #getCause getCause()} method). (A null value is
+ * {@link #getCause getCause()} method). (A {@code null} value is
* permitted, and indicates that the cause is nonexistent or unknown.)
*/
public CertPathValidatorException(Throwable cause) {
@@ -117,12 +117,12 @@
}
/**
- * Creates a CertPathValidatorException with the specified
+ * Creates a {@code CertPathValidatorException} with the specified
* detail message and cause.
*
* @param msg the detail message
* @param cause the cause (which is saved for later retrieval by the
- * {@link #getCause getCause()} method). (A null value is
+ * {@link #getCause getCause()} method). (A {@code null} value is
* permitted, and indicates that the cause is nonexistent or unknown.)
*/
public CertPathValidatorException(String msg, Throwable cause) {
@@ -130,21 +130,21 @@
}
/**
- * Creates a CertPathValidatorException with the specified
+ * Creates a {@code CertPathValidatorException} with the specified
* detail message, cause, certification path, and index.
*
- * @param msg the detail message (or null if none)
- * @param cause the cause (or null if none)
+ * @param msg the detail message (or {@code null} if none)
+ * @param cause the cause (or {@code null} if none)
* @param certPath the certification path that was in the process of
* being validated when the error was encountered
* @param index the index of the certificate in the certification path
* that caused the error (or -1 if not applicable). Note that
- * the list of certificates in a CertPath is zero based.
+ * the list of certificates in a {@code CertPath} is zero based.
* @throws IndexOutOfBoundsException if the index is out of range
* {@code (index < -1 || (certPath != null && index >=
* certPath.getCertificates().size()) }
- * @throws IllegalArgumentException if certPath is
- * null and index is not -1
+ * @throws IllegalArgumentException if {@code certPath} is
+ * {@code null} and {@code index} is not -1
*/
public CertPathValidatorException(String msg, Throwable cause,
CertPath certPath, int index) {
@@ -152,23 +152,23 @@
}
/**
- * Creates a CertPathValidatorException with the specified
+ * Creates a {@code CertPathValidatorException} with the specified
* detail message, cause, certification path, index, and reason.
*
- * @param msg the detail message (or null if none)
- * @param cause the cause (or null if none)
+ * @param msg the detail message (or {@code null} if none)
+ * @param cause the cause (or {@code null} if none)
* @param certPath the certification path that was in the process of
* being validated when the error was encountered
* @param index the index of the certificate in the certification path
* that caused the error (or -1 if not applicable). Note that
- * the list of certificates in a CertPath is zero based.
+ * the list of certificates in a {@code CertPath} is zero based.
* @param reason the reason the validation failed
* @throws IndexOutOfBoundsException if the index is out of range
* {@code (index < -1 || (certPath != null && index >=
* certPath.getCertificates().size()) }
- * @throws IllegalArgumentException if certPath is
- * null and index is not -1
- * @throws NullPointerException if reason is null
+ * @throws IllegalArgumentException if {@code certPath} is
+ * {@code null} and {@code index} is not -1
+ * @throws NullPointerException if {@code reason} is {@code null}
*
* @since 1.7
*/
@@ -194,8 +194,8 @@
* Returns the certification path that was being validated when
* the exception was thrown.
*
- * @return the CertPath that was being validated when
- * the exception was thrown (or null if not specified)
+ * @return the {@code CertPath} that was being validated when
+ * the exception was thrown (or {@code null} if not specified)
*/
public CertPath getCertPath() {
return this.certPath;
@@ -204,7 +204,7 @@
/**
* Returns the index of the certificate in the certification path
* that caused the exception to be thrown. Note that the list of
- * certificates in a CertPath is zero based. If no
+ * certificates in a {@code CertPath} is zero based. If no
* index has been set, -1 is returned.
*
* @return the index that has been set, or -1 if none has been set
@@ -219,7 +219,7 @@
* {@link #getIndex}.
*
* @return the reason that the validation failed, or
- * BasicReason.UNSPECIFIED if a reason has not been
+ * {@code BasicReason.UNSPECIFIED} if a reason has not been
* specified
*
* @since 1.7
--- old/src/share/classes/java/security/cert/CertPathValidatorResult.java 2013-06-21 18:29:52.521762816 -0700
+++ new/src/share/classes/java/security/cert/CertPathValidatorResult.java 2013-06-21 18:29:52.361762820 -0700
@@ -41,10 +41,10 @@
public interface CertPathValidatorResult extends Cloneable {
/**
- * Makes a copy of this CertPathValidatorResult. Changes to the
+ * Makes a copy of this {@code CertPathValidatorResult}. Changes to the
* copy will not affect the original and vice versa.
*
- * @return a copy of this CertPathValidatorResult
+ * @return a copy of this {@code CertPathValidatorResult}
*/
Object clone();
}
--- old/src/share/classes/java/security/cert/CertPathValidatorSpi.java 2013-06-21 18:29:52.921762808 -0700
+++ new/src/share/classes/java/security/cert/CertPathValidatorSpi.java 2013-06-21 18:29:52.757762811 -0700
@@ -31,23 +31,23 @@
*
* The Service Provider Interface (SPI)
* for the {@link CertPathValidator CertPathValidator} class. All
- * CertPathValidator implementations must include a class (the
- * SPI class) that extends this class (CertPathValidatorSpi)
+ * {@code CertPathValidator} implementations must include a class (the
+ * SPI class) that extends this class ({@code CertPathValidatorSpi})
* and implements all of its methods. In general, instances of this class
- * should only be accessed through the CertPathValidator class.
+ * should only be accessed through the {@code CertPathValidator} class.
* For details, see the Java Cryptography Architecture.
* CertPathValidatorSpi instance concurrently should synchronize
+ * {@code CertPathValidatorSpi} instance concurrently should synchronize
* amongst themselves and provide the necessary locking before calling the
- * wrapping CertPathValidator object.
+ * wrapping {@code CertPathValidator} object.
* CertPathValidatorSpi may still
+ * However, implementations of {@code CertPathValidatorSpi} may still
* encounter concurrency issues, since multiple threads each
- * manipulating a different CertPathValidatorSpi instance need not
+ * manipulating a different {@code CertPathValidatorSpi} instance need not
* synchronize.
*
* @since 1.4
@@ -64,20 +64,20 @@
* Validates the specified certification path using the specified
* algorithm parameter set.
* CertPath specified must be of a type that is
+ * The {@code CertPath} specified must be of a type that is
* supported by the validation algorithm, otherwise an
- * InvalidAlgorithmParameterException will be thrown. For
- * example, a CertPathValidator that implements the PKIX
- * algorithm validates CertPath objects of type X.509.
+ * {@code InvalidAlgorithmParameterException} will be thrown. For
+ * example, a {@code CertPathValidator} that implements the PKIX
+ * algorithm validates {@code CertPath} objects of type X.509.
*
- * @param certPath the CertPath to be validated
+ * @param certPath the {@code CertPath} to be validated
* @param params the algorithm parameters
* @return the result of the validation algorithm
- * @exception CertPathValidatorException if the CertPath
+ * @exception CertPathValidatorException if the {@code CertPath}
* does not validate
* @exception InvalidAlgorithmParameterException if the specified
- * parameters or the type of the specified CertPath are
- * inappropriate for this CertPathValidator
+ * parameters or the type of the specified {@code CertPath} are
+ * inappropriate for this {@code CertPathValidator}
*/
public abstract CertPathValidatorResult
engineValidate(CertPath certPath, CertPathParameters params)
--- old/src/share/classes/java/security/cert/CertSelector.java 2013-06-21 18:29:53.329762800 -0700
+++ new/src/share/classes/java/security/cert/CertSelector.java 2013-06-21 18:29:53.165762803 -0700
@@ -27,9 +27,9 @@
/**
* A selector that defines a set of criteria for selecting
- * Certificates. Classes that implement this interface
- * are often used to specify which Certificates should
- * be retrieved from a CertStore.
+ * {@code Certificate}s. Classes that implement this interface
+ * are often used to specify which {@code Certificate}s should
+ * be retrieved from a {@code CertStore}.
* Certificate should be selected.
+ * Decides whether a {@code Certificate} should be selected.
*
- * @param cert the Certificate to be checked
- * @return true if the Certificate
- * should be selected, false otherwise
+ * @param cert the {@code Certificate} to be checked
+ * @return {@code true} if the {@code Certificate}
+ * should be selected, {@code false} otherwise
*/
boolean match(Certificate cert);
/**
- * Makes a copy of this CertSelector. Changes to the
+ * Makes a copy of this {@code CertSelector}. Changes to the
* copy will not affect the original and vice versa.
*
- * @return a copy of this CertSelector
+ * @return a copy of this {@code CertSelector}
*/
Object clone();
}
--- old/src/share/classes/java/security/cert/CertStore.java 2013-06-21 18:29:53.725762792 -0700
+++ new/src/share/classes/java/security/cert/CertStore.java 2013-06-21 18:29:53.569762795 -0700
@@ -38,30 +38,30 @@
import sun.security.jca.GetInstance.Instance;
/**
- * A class for retrieving Certificates and CRLs
+ * A class for retrieving {@code Certificate}s and {@code CRL}s
* from a repository.
* CertStore, call one of the static
- * getInstance methods, passing in the type of
- * CertStore desired, any applicable initialization parameters
+ * To create a {@code CertStore}, call one of the static
+ * {@code getInstance} methods, passing in the type of
+ * {@code CertStore} desired, any applicable initialization parameters
* and optionally the name of the provider desired.
* CertStore has been created, it can be used to
- * retrieve Certificates and CRLs by calling its
+ * Once the {@code CertStore} has been created, it can be used to
+ * retrieve {@code Certificate}s and {@code CRL}s by calling its
* {@link #getCertificates(CertSelector selector) getCertificates} and
* {@link #getCRLs(CRLSelector selector) getCRLs} methods.
* CertStore is designed to provide access to a potentially
+ * {@code CertStore} is designed to provide access to a potentially
* vast repository of untrusted certificates and CRLs. For example, an LDAP
- * implementation of CertStore provides access to certificates
+ * implementation of {@code CertStore} provides access to certificates
* and CRLs stored in one or more directories using the LDAP protocol and the
* schema as defined in the RFC service attribute.
*
* CertStore type:
+ * following standard {@code CertStore} type:
*
*
@@ -75,10 +75,10 @@
* CertStore objects must be thread-safe.
+ * All public methods of {@code CertStore} objects must be thread-safe.
* That is, multiple threads may concurrently invoke these methods on a
- * single CertStore object (or more than one) with no
- * ill effects. This allows a CertPathBuilder to search for a
+ * single {@code CertStore} object (or more than one) with no
+ * ill effects. This allows a {@code CertPathBuilder} to search for a
* CRL while simultaneously searching for further certificates, for instance.
* CertStore object of the given type, and
+ * Creates a {@code CertStore} object of the given type, and
* encapsulates the given provider implementation (SPI object) in it.
*
* @param storeSpi the provider implementation
* @param provider the provider
* @param type the type
- * @param params the initialization parameters (may be null)
+ * @param params the initialization parameters (may be {@code null})
*/
protected CertStore(CertStoreSpi storeSpi, Provider provider,
String type, CertStoreParameters params) {
@@ -122,28 +122,28 @@
}
/**
- * Returns a Collection of Certificates that
- * match the specified selector. If no Certificates
- * match the selector, an empty Collection will be returned.
+ * Returns a {@code Collection} of {@code Certificate}s that
+ * match the specified selector. If no {@code Certificate}s
+ * match the selector, an empty {@code Collection} will be returned.
* CertStore types, the resulting
- * Collection may not contain all of the
- * Certificates that match the selector. For instance,
- * an LDAP CertStore may not search all entries in the
+ * For some {@code CertStore} types, the resulting
+ * {@code Collection} may not contain all of the
+ * {@code Certificate}s that match the selector. For instance,
+ * an LDAP {@code CertStore} may not search all entries in the
* directory. Instead, it may just search entries that are likely to
- * contain the Certificates it is looking for.
+ * contain the {@code Certificate}s it is looking for.
* CertStore implementations (especially LDAP
- * CertStores) may throw a CertStoreException
- * unless a non-null CertSelector is provided that
+ * Some {@code CertStore} implementations (especially LDAP
+ * {@code CertStore}s) may throw a {@code CertStoreException}
+ * unless a non-null {@code CertSelector} is provided that
* includes specific criteria that can be used to find the certificates.
* Issuer and/or subject names are especially useful criteria.
*
- * @param selector A CertSelector used to select which
- * Certificates should be returned. Specify null
- * to return all Certificates (if supported).
- * @return A Collection of Certificates that
- * match the specified selector (never null)
+ * @param selector A {@code CertSelector} used to select which
+ * {@code Certificate}s should be returned. Specify {@code null}
+ * to return all {@code Certificate}s (if supported).
+ * @return A {@code Collection} of {@code Certificate}s that
+ * match the specified selector (never {@code null})
* @throws CertStoreException if an exception occurs
*/
public final Collection getCertificates
@@ -152,28 +152,28 @@
}
/**
- * Returns a Collection of CRLs that
- * match the specified selector. If no CRLs
- * match the selector, an empty Collection will be returned.
+ * Returns a {@code Collection} of {@code CRL}s that
+ * match the specified selector. If no {@code CRL}s
+ * match the selector, an empty {@code Collection} will be returned.
* CertStore types, the resulting
- * Collection may not contain all of the
- * CRLs that match the selector. For instance,
- * an LDAP CertStore may not search all entries in the
+ * For some {@code CertStore} types, the resulting
+ * {@code Collection} may not contain all of the
+ * {@code CRL}s that match the selector. For instance,
+ * an LDAP {@code CertStore} may not search all entries in the
* directory. Instead, it may just search entries that are likely to
- * contain the CRLs it is looking for.
+ * contain the {@code CRL}s it is looking for.
* CertStore implementations (especially LDAP
- * CertStores) may throw a CertStoreException
- * unless a non-null CRLSelector is provided that
+ * Some {@code CertStore} implementations (especially LDAP
+ * {@code CertStore}s) may throw a {@code CertStoreException}
+ * unless a non-null {@code CRLSelector} is provided that
* includes specific criteria that can be used to find the CRLs.
* Issuer names and/or the certificate to be checked are especially useful.
*
- * @param selector A CRLSelector used to select which
- * CRLs should be returned. Specify null
- * to return all CRLs (if supported).
- * @return A Collection of CRLs that
- * match the specified selector (never null)
+ * @param selector A {@code CRLSelector} used to select which
+ * {@code CRL}s should be returned. Specify {@code null}
+ * to return all {@code CRL}s (if supported).
+ * @return A {@code Collection} of {@code CRL}s that
+ * match the specified selector (never {@code null})
* @throws CertStoreException if an exception occurs
*/
public final Collection getCRLs(CRLSelector selector)
@@ -182,8 +182,8 @@
}
/**
- * Returns a CertStore object that implements the specified
- * CertStore type and is initialized with the specified
+ * Returns a {@code CertStore} object that implements the specified
+ * {@code CertStore} type and is initialized with the specified
* parameters.
*
* CertStore that is returned is initialized with the
- * specified CertStoreParameters. The type of parameters
- * needed may vary between different types of CertStores.
- * Note that the specified CertStoreParameters object is
+ * CertStore type.
+ * @param type the name of the requested {@code CertStore} type.
* See the CertStore section in the
* Java Cryptography Architecture Standard Algorithm Name Documentation
* for information about standard types.
*
- * @param params the initialization parameters (may be null).
+ * @param params the initialization parameters (may be {@code null}).
*
- * @return a CertStore object that implements the specified
- * CertStore type.
+ * @return a {@code CertStore} object that implements the specified
+ * {@code CertStore} type.
*
* @throws NoSuchAlgorithmException if no Provider supports a
* CertStoreSpi implementation for the specified type.
*
* @throws InvalidAlgorithmParameterException if the specified
* initialization parameters are inappropriate for this
- * CertStore.
+ * {@code CertStore}.
*
* @see java.security.Provider
*/
@@ -244,8 +244,8 @@
}
/**
- * Returns a CertStore object that implements the specified
- * CertStore type.
+ * Returns a {@code CertStore} object that implements the specified
+ * {@code CertStore} type.
*
* CertStore that is returned is initialized with the
- * specified CertStoreParameters. The type of parameters
- * needed may vary between different types of CertStores.
- * Note that the specified CertStoreParameters object is
+ * CertStore type.
+ * @param type the requested {@code CertStore} type.
* See the CertStore section in the
* Java Cryptography Architecture Standard Algorithm Name Documentation
* for information about standard types.
*
- * @param params the initialization parameters (may be null).
+ * @param params the initialization parameters (may be {@code null}).
*
* @param provider the name of the provider.
*
- * @return a CertStore object that implements the
+ * @return a {@code CertStore} object that implements the
* specified type.
*
* @throws NoSuchAlgorithmException if a CertStoreSpi
@@ -280,12 +280,12 @@
*
* @throws InvalidAlgorithmParameterException if the specified
* initialization parameters are inappropriate for this
- * CertStore.
+ * {@code CertStore}.
*
* @throws NoSuchProviderException if the specified provider is not
* registered in the security provider list.
*
- * @exception IllegalArgumentException if the provider is
+ * @exception IllegalArgumentException if the {@code provider} is
* null or empty.
*
* @see java.security.Provider
@@ -305,31 +305,31 @@
}
/**
- * Returns a CertStore object that implements the specified
- * CertStore type.
+ * Returns a {@code CertStore} object that implements the specified
+ * {@code CertStore} type.
*
* CertStore that is returned is initialized with the
- * specified CertStoreParameters. The type of parameters
- * needed may vary between different types of CertStores.
- * Note that the specified CertStoreParameters object is
+ * CertStore type.
+ * @param type the requested {@code CertStore} type.
* See the CertStore section in the
* Java Cryptography Architecture Standard Algorithm Name Documentation
* for information about standard types.
*
- * @param params the initialization parameters (may be null).
+ * @param params the initialization parameters (may be {@code null}).
*
* @param provider the provider.
*
- * @return a CertStore object that implements the
+ * @return a {@code CertStore} object that implements the
* specified type.
*
* @exception NoSuchAlgorithmException if a CertStoreSpi
@@ -338,9 +338,9 @@
*
* @throws InvalidAlgorithmParameterException if the specified
* initialization parameters are inappropriate for this
- * CertStore
+ * {@code CertStore}
*
- * @exception IllegalArgumentException if the provider is
+ * @exception IllegalArgumentException if the {@code provider} is
* null.
*
* @see java.security.Provider
@@ -359,30 +359,30 @@
}
/**
- * Returns the parameters used to initialize this CertStore.
- * Note that the CertStoreParameters object is cloned before
+ * Returns the parameters used to initialize this {@code CertStore}.
+ * Note that the {@code CertStoreParameters} object is cloned before
* it is returned.
*
- * @return the parameters used to initialize this CertStore
- * (may be null)
+ * @return the parameters used to initialize this {@code CertStore}
+ * (may be {@code null})
*/
public final CertStoreParameters getCertStoreParameters() {
return (params == null ? null : (CertStoreParameters) params.clone());
}
/**
- * Returns the type of this CertStore.
+ * Returns the type of this {@code CertStore}.
*
- * @return the type of this CertStore
+ * @return the type of this {@code CertStore}
*/
public final String getType() {
return this.type;
}
/**
- * Returns the provider of this CertStore.
+ * Returns the provider of this {@code CertStore}.
*
- * @return the provider of this CertStore
+ * @return the provider of this {@code CertStore}
*/
public final Provider getProvider() {
return this.provider;
--- old/src/share/classes/java/security/cert/CertStoreException.java 2013-06-21 18:29:54.153762783 -0700
+++ new/src/share/classes/java/security/cert/CertStoreException.java 2013-06-21 18:29:53.993762786 -0700
@@ -29,9 +29,9 @@
/**
* An exception indicating one of a variety of problems retrieving
- * certificates and CRLs from a CertStore.
+ * certificates and CRLs from a {@code CertStore}.
* CertStoreException provides support for wrapping
+ * A {@code CertStoreException} provides support for wrapping
* exceptions. The {@link #getCause getCause} method returns the throwable,
* if any, that caused this exception to be thrown.
* CertStoreException with null as
+ * Creates a {@code CertStoreException} with {@code null} as
* its detail message.
*/
public CertStoreException() {
@@ -61,8 +61,8 @@
}
/**
- * Creates a CertStoreException with the given detail
- * message. A detail message is a String that describes this
+ * Creates a {@code CertStoreException} with the given detail
+ * message. A detail message is a {@code String} that describes this
* particular exception.
*
* @param msg the detail message
@@ -72,15 +72,15 @@
}
/**
- * Creates a CertStoreException that wraps the specified
+ * Creates a {@code CertStoreException} that wraps the specified
* throwable. This allows any exception to be converted into a
- * CertStoreException, while retaining information about the
+ * {@code CertStoreException}, while retaining information about the
* cause, which may be useful for debugging. The detail message is
- * set to (cause==null ? null : cause.toString()) (which
+ * set to ({@code cause==null ? null : cause.toString()}) (which
* typically contains the class and detail message of cause).
*
* @param cause the cause (which is saved for later retrieval by the
- * {@link #getCause getCause()} method). (A null value is
+ * {@link #getCause getCause()} method). (A {@code null} value is
* permitted, and indicates that the cause is nonexistent or unknown.)
*/
public CertStoreException(Throwable cause) {
@@ -88,12 +88,12 @@
}
/**
- * Creates a CertStoreException with the specified detail
+ * Creates a {@code CertStoreException} with the specified detail
* message and cause.
*
* @param msg the detail message
* @param cause the cause (which is saved for later retrieval by the
- * {@link #getCause getCause()} method). (A null value is
+ * {@link #getCause getCause()} method). (A {@code null} value is
* permitted, and indicates that the cause is nonexistent or unknown.)
*/
public CertStoreException(String msg, Throwable cause) {
--- old/src/share/classes/java/security/cert/CertStoreParameters.java 2013-06-21 18:29:54.553762775 -0700
+++ new/src/share/classes/java/security/cert/CertStoreParameters.java 2013-06-21 18:29:54.393762778 -0700
@@ -26,20 +26,20 @@
package java.security.cert;
/**
- * A specification of CertStore parameters.
+ * A specification of {@code CertStore} parameters.
* CertStore parameter specifications. All
- * CertStore parameter specifications must implement this
+ * all {@code CertStore} parameter specifications. All
+ * {@code CertStore} parameter specifications must implement this
* interface.
* CertStoreParameters object is passed as a parameter
+ * Typically, a {@code CertStoreParameters} object is passed as a parameter
* to one of the {@link CertStore#getInstance CertStore.getInstance} methods.
- * The getInstance method returns a CertStore that
- * is used for retrieving Certificates and CRLs. The
- * CertStore that is returned is initialized with the specified
+ * The {@code getInstance} method returns a {@code CertStore} that
+ * is used for retrieving {@code Certificate}s and {@code CRL}s. The
+ * {@code CertStore} that is returned is initialized with the specified
* parameters. The type of parameters needed may vary between different types
- * of CertStores.
+ * of {@code CertStore}s.
*
* @see CertStore#getInstance
*
@@ -49,32 +49,32 @@
public interface CertStoreParameters extends Cloneable {
/**
- * Makes a copy of this CertStoreParameters.
+ * Makes a copy of this {@code CertStoreParameters}.
* CertStoreParameters object. A typical implementation
+ * the {@code CertStoreParameters} object. A typical implementation
* performs a "deep copy" of this object, but this is not an absolute
* requirement. Some implementations may perform a "shallow copy" of some
* or all of the fields of this object.
* CertStore.getInstance methods make a copy
- * of the specified CertStoreParameters. A deep copy
- * implementation of clone is safer and more robust, as it
- * prevents the caller from corrupting a shared CertStore by
+ * Note that the {@code CertStore.getInstance} methods make a copy
+ * of the specified {@code CertStoreParameters}. A deep copy
+ * implementation of {@code clone} is safer and more robust, as it
+ * prevents the caller from corrupting a shared {@code CertStore} by
* subsequently modifying the contents of its initialization parameters.
- * However, a shallow copy implementation of clone is more
+ * However, a shallow copy implementation of {@code clone} is more
* appropriate for applications that need to hold a reference to a
- * parameter contained in the CertStoreParameters. For example,
+ * parameter contained in the {@code CertStoreParameters}. For example,
* a shallow copy clone allows an application to release the resources of
- * a particular CertStore initialization parameter immediately,
+ * a particular {@code CertStore} initialization parameter immediately,
* rather than waiting for the garbage collection mechanism. This should
- * be done with the utmost care, since the CertStore may still
+ * be done with the utmost care, since the {@code CertStore} may still
* be in use by other threads.
* CertStoreParameters
+ * @return a copy of this {@code CertStoreParameters}
*/
Object clone();
}
--- old/src/share/classes/java/security/cert/CertStoreSpi.java 2013-06-21 18:29:54.957762766 -0700
+++ new/src/share/classes/java/security/cert/CertStoreSpi.java 2013-06-21 18:29:54.793762770 -0700
@@ -30,26 +30,26 @@
/**
* The Service Provider Interface (SPI)
- * for the {@link CertStore CertStore} class. All CertStore
+ * for the {@link CertStore CertStore} class. All {@code CertStore}
* implementations must include a class (the SPI class) that extends
- * this class (CertStoreSpi), provides a constructor with
- * a single argument of type CertStoreParameters, and implements
+ * this class ({@code CertStoreSpi}), provides a constructor with
+ * a single argument of type {@code CertStoreParameters}, and implements
* all of its methods. In general, instances of this class should only be
- * accessed through the CertStore class.
+ * accessed through the {@code CertStore} class.
* For details, see the Java Cryptography Architecture.
* CertStoreSpi objects must be
+ * The public methods of all {@code CertStoreSpi} objects must be
* thread-safe. That is, multiple threads may concurrently invoke these
- * methods on a single CertStoreSpi object (or more than one)
- * with no ill effects. This allows a CertPathBuilder to search
+ * methods on a single {@code CertStoreSpi} object (or more than one)
+ * with no ill effects. This allows a {@code CertPathBuilder} to search
* for a CRL while simultaneously searching for further certificates, for
* instance.
* CertStoreSpi implementations will probably ensure
- * thread safety by adding a synchronized keyword to their
- * engineGetCertificates and engineGetCRLs methods.
+ * Simple {@code CertStoreSpi} implementations will probably ensure
+ * thread safety by adding a {@code synchronized} keyword to their
+ * {@code engineGetCertificates} and {@code engineGetCRLs} methods.
* More sophisticated ones may allow truly concurrent access.
*
* @since 1.4
@@ -60,64 +60,64 @@
/**
* The sole constructor.
*
- * @param params the initialization parameters (may be null)
+ * @param params the initialization parameters (may be {@code null})
* @throws InvalidAlgorithmParameterException if the initialization
- * parameters are inappropriate for this CertStoreSpi
+ * parameters are inappropriate for this {@code CertStoreSpi}
*/
public CertStoreSpi(CertStoreParameters params)
throws InvalidAlgorithmParameterException { }
/**
- * Returns a Collection of Certificates that
- * match the specified selector. If no Certificates
- * match the selector, an empty Collection will be returned.
+ * Returns a {@code Collection} of {@code Certificate}s that
+ * match the specified selector. If no {@code Certificate}s
+ * match the selector, an empty {@code Collection} will be returned.
* CertStore types, the resulting
- * Collection may not contain all of the
- * Certificates that match the selector. For instance,
- * an LDAP CertStore may not search all entries in the
+ * For some {@code CertStore} types, the resulting
+ * {@code Collection} may not contain all of the
+ * {@code Certificate}s that match the selector. For instance,
+ * an LDAP {@code CertStore} may not search all entries in the
* directory. Instead, it may just search entries that are likely to
- * contain the Certificates it is looking for.
+ * contain the {@code Certificate}s it is looking for.
* CertStore implementations (especially LDAP
- * CertStores) may throw a CertStoreException
- * unless a non-null CertSelector is provided that includes
+ * Some {@code CertStore} implementations (especially LDAP
+ * {@code CertStore}s) may throw a {@code CertStoreException}
+ * unless a non-null {@code CertSelector} is provided that includes
* specific criteria that can be used to find the certificates. Issuer
* and/or subject names are especially useful criteria.
*
- * @param selector A CertSelector used to select which
- * Certificates should be returned. Specify null
- * to return all Certificates (if supported).
- * @return A Collection of Certificates that
- * match the specified selector (never null)
+ * @param selector A {@code CertSelector} used to select which
+ * {@code Certificate}s should be returned. Specify {@code null}
+ * to return all {@code Certificate}s (if supported).
+ * @return A {@code Collection} of {@code Certificate}s that
+ * match the specified selector (never {@code null})
* @throws CertStoreException if an exception occurs
*/
public abstract Collection engineGetCertificates
(CertSelector selector) throws CertStoreException;
/**
- * Returns a Collection of CRLs that
- * match the specified selector. If no CRLs
- * match the selector, an empty Collection will be returned.
+ * Returns a {@code Collection} of {@code CRL}s that
+ * match the specified selector. If no {@code CRL}s
+ * match the selector, an empty {@code Collection} will be returned.
* CertStore types, the resulting
- * Collection may not contain all of the
- * CRLs that match the selector. For instance,
- * an LDAP CertStore may not search all entries in the
+ * For some {@code CertStore} types, the resulting
+ * {@code Collection} may not contain all of the
+ * {@code CRL}s that match the selector. For instance,
+ * an LDAP {@code CertStore} may not search all entries in the
* directory. Instead, it may just search entries that are likely to
- * contain the CRLs it is looking for.
+ * contain the {@code CRL}s it is looking for.
* CertStore implementations (especially LDAP
- * CertStores) may throw a CertStoreException
- * unless a non-null CRLSelector is provided that includes
+ * Some {@code CertStore} implementations (especially LDAP
+ * {@code CertStore}s) may throw a {@code CertStoreException}
+ * unless a non-null {@code CRLSelector} is provided that includes
* specific criteria that can be used to find the CRLs. Issuer names
* and/or the certificate to be checked are especially useful.
*
- * @param selector A CRLSelector used to select which
- * CRLs should be returned. Specify null
- * to return all CRLs (if supported).
- * @return A Collection of CRLs that
- * match the specified selector (never null)
+ * @param selector A {@code CRLSelector} used to select which
+ * {@code CRL}s should be returned. Specify {@code null}
+ * to return all {@code CRL}s (if supported).
+ * @return A {@code Collection} of {@code CRL}s that
+ * match the specified selector (never {@code null})
* @throws CertStoreException if an exception occurs
*/
public abstract Collection engineGetCRLs
--- old/src/share/classes/java/security/cert/Certificate.java 2013-06-21 18:29:55.369762758 -0700
+++ new/src/share/classes/java/security/cert/Certificate.java 2013-06-21 18:29:55.205762761 -0700
@@ -90,8 +90,8 @@
/**
* Compares this certificate for equality with the specified
- * object. If the other object is an
- * instanceof Certificate, then
+ * object. If the {@code other} object is an
+ * {@code instanceof} {@code Certificate}, then
* its encoded form is retrieved and compared with the
* encoded form of this certificate.
*
@@ -196,8 +196,8 @@
*
* abstract
- * and by default throws an UnsupportedOperationException.
+ * existing service providers, this method cannot be {@code abstract}
+ * and by default throws an {@code UnsupportedOperationException}.
*
* @param key the PublicKey used to carry out the verification.
* @param sigProvider the signature provider.
--- old/src/share/classes/java/security/cert/CertificateEncodingException.java 2013-06-21 18:29:55.765762750 -0700
+++ new/src/share/classes/java/security/cert/CertificateEncodingException.java 2013-06-21 18:29:55.609762753 -0700
@@ -56,7 +56,7 @@
}
/**
- * Creates a CertificateEncodingException with the specified
+ * Creates a {@code CertificateEncodingException} with the specified
* detail message and cause.
*
* @param message the detail message (which is saved for later retrieval
@@ -71,7 +71,7 @@
}
/**
- * Creates a CertificateEncodingException
+ * Creates a {@code CertificateEncodingException}
* with the specified cause and a detail message of
* (cause==null ? null : cause.toString())
* (which typically contains the class and detail message of
--- old/src/share/classes/java/security/cert/CertificateException.java 2013-06-21 18:29:56.165762741 -0700
+++ new/src/share/classes/java/security/cert/CertificateException.java 2013-06-21 18:29:56.005762745 -0700
@@ -57,7 +57,7 @@
}
/**
- * Creates a CertificateException with the specified
+ * Creates a {@code CertificateException} with the specified
* detail message and cause.
*
* @param message the detail message (which is saved for later retrieval
@@ -72,7 +72,7 @@
}
/**
- * Creates a CertificateException with the specified cause
+ * Creates a {@code CertificateException} with the specified cause
* and a detail message of (cause==null ? null : cause.toString())
* (which typically contains the class and detail message of
* cause).
--- old/src/share/classes/java/security/cert/CertificateExpiredException.java 2013-06-21 18:29:56.557762733 -0700
+++ new/src/share/classes/java/security/cert/CertificateExpiredException.java 2013-06-21 18:29:56.401762737 -0700
@@ -27,8 +27,8 @@
/**
* Certificate Expired Exception. This is thrown whenever the current
- * Date or the specified Date is after the
- * notAfter date/time specified in the validity period
+ * {@code Date} or the specified {@code Date} is after the
+ * {@code notAfter} date/time specified in the validity period
* of the certificate.
*
* @author Hemma Prafullchandra
--- old/src/share/classes/java/security/cert/CertificateFactory.java 2013-06-21 18:29:56.953762725 -0700
+++ new/src/share/classes/java/security/cert/CertificateFactory.java 2013-06-21 18:29:56.797762728 -0700
@@ -41,27 +41,27 @@
/**
* This class defines the functionality of a certificate factory, which is
- * used to generate certificate, certification path (CertPath)
+ * used to generate certificate, certification path ({@code CertPath})
* and certificate revocation list (CRL) objects from their encodings.
*
* generateCertificates when you want to
+ * {@code generateCertificates} when you want to
* parse a collection of possibly unrelated certificates. Otherwise,
- * use generateCertPath when you want to generate
- * a CertPath (a certificate chain) and subsequently
- * validate it with a CertPathValidator.
+ * use {@code generateCertPath} when you want to generate
+ * a {@code CertPath} (a certificate chain) and subsequently
+ * validate it with a {@code CertPathValidator}.
*
* java.security.cert.X509Certificate, and CRLs
- * that are an instance of java.security.cert.X509CRL.
+ * instance of {@code java.security.cert.X509Certificate}, and CRLs
+ * that are an instance of {@code java.security.cert.X509CRL}.
*
* FileInputStream (which does not support mark
- * and reset) to a BufferedInputStream (which
+ * {@code FileInputStream} (which does not support {@code mark}
+ * and {@code reset}) to a {@code BufferedInputStream} (which
* supports those methods), so that each call to
- * generateCertificate consumes only one certificate, and the
+ * {@code generateCertificate} consumes only one certificate, and the
* read position of the input stream is positioned to the next certificate in
* the file:CertificateFactory type:
+ * following standard {@code CertificateFactory} type:
*
*
- * and the following standard CertPath encodings:
+ * and the following standard {@code CertPath} encodings:
*
*
provider is
+ * @exception IllegalArgumentException if the {@code provider} is
* null.
*
* @see java.security.Provider
@@ -299,17 +299,17 @@
/**
* Generates a certificate object and initializes it with
- * the data read from the input stream inStream.
+ * the data read from the input stream {@code inStream}.
*
* X509Certificate class.
+ * can be typecast to the {@code X509Certificate} class.
*
* inStream must be DER-encoded and
+ * certificate provided in {@code inStream} must be DER-encoded and
* may be supplied in binary or printable (Base64) encoding. If the
* certificate is provided in Base64 encoding, it must be bounded at
* the beginning by -----BEGIN CERTIFICATE-----, and must be bounded at
@@ -324,7 +324,7 @@
* the inherent end-of-certificate marker. If the data in the input stream
* does not contain an inherent end-of-certificate marker (other
* than EOF) and there is trailing data after the certificate is parsed, a
- * CertificateException is thrown.
+ * {@code CertificateException} is thrown.
*
* @param inStream an input stream with the certificate data.
*
@@ -340,19 +340,19 @@
}
/**
- * Returns an iteration of the CertPath encodings supported
+ * Returns an iteration of the {@code CertPath} encodings supported
* by this certificate factory, with the default encoding first. See
* the CertPath Encodings section in the
* Java Cryptography Architecture Standard Algorithm Name Documentation
* for information about standard encoding names and their formats.
* Iterator via its
- * remove method result in an
- * UnsupportedOperationException.
+ * Attempts to modify the returned {@code Iterator} via its
+ * {@code remove} method result in an
+ * {@code UnsupportedOperationException}.
*
- * @return an Iterator over the names of the supported
- * CertPath encodings (as Strings)
+ * @return an {@code Iterator} over the names of the supported
+ * {@code CertPath} encodings (as {@code String}s)
* @since 1.4
*/
public final IteratorCertPath object and initializes it with
- * the data read from the InputStream inStream. The data
+ * Generates a {@code CertPath} object and initializes it with
+ * the data read from the {@code InputStream} inStream. The data
* is assumed to be in the default encoding. The name of the default
- * encoding is the first element of the Iterator returned by
+ * encoding is the first element of the {@code Iterator} returned by
* the {@link #getCertPathEncodings getCertPathEncodings} method.
*
- * @param inStream an InputStream containing the data
- * @return a CertPath initialized with the data from the
- * InputStream
+ * @param inStream an {@code InputStream} containing the data
+ * @return a {@code CertPath} initialized with the data from the
+ * {@code InputStream}
* @exception CertificateException if an exception occurs while decoding
* @since 1.4
*/
@@ -379,18 +379,18 @@
}
/**
- * Generates a CertPath object and initializes it with
- * the data read from the InputStream inStream. The data
+ * Generates a {@code CertPath} object and initializes it with
+ * the data read from the {@code InputStream} inStream. The data
* is assumed to be in the specified encoding. See
* the CertPath Encodings section in the
* Java Cryptography Architecture Standard Algorithm Name Documentation
* for information about standard encoding names and their formats.
*
- * @param inStream an InputStream containing the data
+ * @param inStream an {@code InputStream} containing the data
* @param encoding the encoding used for the data
- * @return a CertPath initialized with the data from the
- * InputStream
+ * @return a {@code CertPath} initialized with the data from the
+ * {@code InputStream}
* @exception CertificateException if an exception occurs while decoding or
* the encoding requested is not supported
* @since 1.4
@@ -402,15 +402,15 @@
}
/**
- * Generates a CertPath object and initializes it with
- * a List of Certificates.
+ * Generates a {@code CertPath} object and initializes it with
+ * a {@code List} of {@code Certificate}s.
* CertificateFactory. They will be copied out of the supplied
- * List object.
+ * {@code CertificateFactory}. They will be copied out of the supplied
+ * {@code List} object.
*
- * @param certificates a List of Certificates
- * @return a CertPath initialized with the supplied list of
+ * @param certificates a {@code List} of {@code Certificate}s
+ * @return a {@code CertPath} initialized with the supplied list of
* certificates
* @exception CertificateException if an exception occurs
* @since 1.4
@@ -424,20 +424,20 @@
/**
* Returns a (possibly empty) collection view of the certificates read
- * from the given input stream inStream.
+ * from the given input stream {@code inStream}.
*
* X509Certificate class.
+ * collection can be typecast to the {@code X509Certificate} class.
*
* inStream may contain a sequence of DER-encoded certificates
+ * {@code inStream} may contain a sequence of DER-encoded certificates
* in the formats described for
* {@link #generateCertificate(java.io.InputStream) generateCertificate}.
- * In addition, inStream may contain a PKCS#7 certificate
+ * In addition, {@code inStream} may contain a PKCS#7 certificate
* chain. This is a PKCS#7 SignedData object, with the only
* significant field being certificates. In particular, the
* signature and the contents are ignored. This format allows multiple
@@ -464,14 +464,14 @@
/**
* Generates a certificate revocation list (CRL) object and initializes it
- * with the data read from the input stream inStream.
+ * with the data read from the input stream {@code inStream}.
*
* X509CRL class.
+ * can be typecast to the {@code X509CRL} class.
*
* CRLException is thrown.
+ * {@code CRLException} is thrown.
*
* @param inStream an input stream with the CRL data.
*
@@ -499,18 +499,18 @@
/**
* Returns a (possibly empty) collection view of the CRLs read
- * from the given input stream inStream.
+ * from the given input stream {@code inStream}.
*
* X509CRL class.
+ * collection can be typecast to the {@code X509CRL} class.
*
* inStream may contain a sequence of DER-encoded CRLs.
- * In addition, inStream may contain a PKCS#7 CRL
+ * {@code inStream} may contain a sequence of DER-encoded CRLs.
+ * In addition, {@code inStream} may contain a PKCS#7 CRL
* set. This is a PKCS#7 SignedData object, with the only
* significant field being crls. In particular, the
* signature and the contents are ignored. This format allows multiple
--- old/src/share/classes/java/security/cert/CertificateFactorySpi.java 2013-06-21 18:29:57.377762717 -0700
+++ new/src/share/classes/java/security/cert/CertificateFactorySpi.java 2013-06-21 18:29:57.213762720 -0700
@@ -35,18 +35,18 @@
/**
* This class defines the Service Provider Interface (SPI)
- * for the CertificateFactory class.
+ * for the {@code CertificateFactory} class.
* All the abstract methods in this class must be implemented by each
* cryptographic service provider who wishes to supply the implementation
* of a certificate factory for a particular certificate type, e.g., X.509.
*
* CertPath) and certificate revocation list (CRL) objects from
+ * ({@code CertPath}) and certificate revocation list (CRL) objects from
* their encodings.
*
* java.security.cert.X509Certificate, and CRLs
- * that are an instance of java.security.cert.X509CRL.
+ * instance of {@code java.security.cert.X509Certificate}, and CRLs
+ * that are an instance of {@code java.security.cert.X509CRL}.
*
* @author Hemma Prafullchandra
* @author Jan Luehe
@@ -67,17 +67,17 @@
/**
* Generates a certificate object and initializes it with
- * the data read from the input stream inStream.
+ * the data read from the input stream {@code inStream}.
*
* X509Certificate class.
+ * can be typecast to the {@code X509Certificate} class.
*
* inStream must be DER-encoded and
+ * certificate provided in {@code inStream} must be DER-encoded and
* may be supplied in binary or printable (Base64) encoding. If the
* certificate is provided in Base64 encoding, it must be bounded at
* the beginning by -----BEGIN CERTIFICATE-----, and must be bounded at
@@ -92,7 +92,7 @@
* end-of-certificate marker. If the data in the
* input stream does not contain an inherent end-of-certificate marker (other
* than EOF) and there is trailing data after the certificate is parsed, a
- * CertificateException is thrown.
+ * {@code CertificateException} is thrown.
*
* @param inStream an input stream with the certificate data.
*
@@ -105,18 +105,18 @@
throws CertificateException;
/**
- * Generates a CertPath object and initializes it with
- * the data read from the InputStream inStream. The data
+ * Generates a {@code CertPath} object and initializes it with
+ * the data read from the {@code InputStream} inStream. The data
* is assumed to be in the default encoding.
*
* abstract
- * and by default throws an UnsupportedOperationException.
+ * existing service providers, this method cannot be {@code abstract}
+ * and by default throws an {@code UnsupportedOperationException}.
*
- * @param inStream an InputStream containing the data
- * @return a CertPath initialized with the data from the
- * InputStream
+ * @param inStream an {@code InputStream} containing the data
+ * @return a {@code CertPath} initialized with the data from the
+ * {@code InputStream}
* @exception CertificateException if an exception occurs while decoding
* @exception UnsupportedOperationException if the method is not supported
* @since 1.4
@@ -128,19 +128,19 @@
}
/**
- * Generates a CertPath object and initializes it with
- * the data read from the InputStream inStream. The data
+ * Generates a {@code CertPath} object and initializes it with
+ * the data read from the {@code InputStream} inStream. The data
* is assumed to be in the specified encoding.
*
* abstract
- * and by default throws an UnsupportedOperationException.
+ * existing service providers, this method cannot be {@code abstract}
+ * and by default throws an {@code UnsupportedOperationException}.
*
- * @param inStream an InputStream containing the data
+ * @param inStream an {@code InputStream} containing the data
* @param encoding the encoding used for the data
- * @return a CertPath initialized with the data from the
- * InputStream
+ * @return a {@code CertPath} initialized with the data from the
+ * {@code InputStream}
* @exception CertificateException if an exception occurs while decoding or
* the encoding requested is not supported
* @exception UnsupportedOperationException if the method is not supported
@@ -153,20 +153,20 @@
}
/**
- * Generates a CertPath object and initializes it with
- * a List of Certificates.
+ * Generates a {@code CertPath} object and initializes it with
+ * a {@code List} of {@code Certificate}s.
* CertificateFactory. They will be copied out of the supplied
- * List object.
+ * {@code CertificateFactory}. They will be copied out of the supplied
+ * {@code List} object.
*
* abstract
- * and by default throws an UnsupportedOperationException.
+ * existing service providers, this method cannot be {@code abstract}
+ * and by default throws an {@code UnsupportedOperationException}.
*
- * @param certificates a List of Certificates
- * @return a CertPath initialized with the supplied list of
+ * @param certificates a {@code List} of {@code Certificate}s
+ * @return a {@code CertPath} initialized with the supplied list of
* certificates
* @exception CertificateException if an exception occurs
* @exception UnsupportedOperationException if the method is not supported
@@ -180,24 +180,24 @@
}
/**
- * Returns an iteration of the CertPath encodings supported
+ * Returns an iteration of the {@code CertPath} encodings supported
* by this certificate factory, with the default encoding first. See
* the CertPath Encodings section in the
* Java Cryptography Architecture Standard Algorithm Name Documentation
* for information about standard encoding names.
* Iterator via its
- * remove method result in an
- * UnsupportedOperationException.
+ * Attempts to modify the returned {@code Iterator} via its
+ * {@code remove} method result in an
+ * {@code UnsupportedOperationException}.
*
* abstract
- * and by default throws an UnsupportedOperationException.
+ * existing service providers, this method cannot be {@code abstract}
+ * and by default throws an {@code UnsupportedOperationException}.
*
- * @return an Iterator over the names of the supported
- * CertPath encodings (as Strings)
+ * @return an {@code Iterator} over the names of the supported
+ * {@code CertPath} encodings (as {@code String}s)
* @exception UnsupportedOperationException if the method is not supported
* @since 1.4
*/
@@ -207,21 +207,21 @@
/**
* Returns a (possibly empty) collection view of the certificates read
- * from the given input stream inStream.
+ * from the given input stream {@code inStream}.
*
* X509Certificate class.
+ * collection can be typecast to the {@code X509Certificate} class.
*
* inStream may contain a single DER-encoded certificate
+ * {@code inStream} may contain a single DER-encoded certificate
* in the formats described for
* {@link CertificateFactory#generateCertificate(java.io.InputStream)
* generateCertificate}.
- * In addition, inStream may contain a PKCS#7 certificate
+ * In addition, {@code inStream} may contain a PKCS#7 certificate
* chain. This is a PKCS#7 SignedData object, with the only
* significant field being certificates. In particular, the
* signature and the contents are ignored. This format allows multiple
@@ -247,14 +247,14 @@
/**
* Generates a certificate revocation list (CRL) object and initializes it
- * with the data read from the input stream inStream.
+ * with the data read from the input stream {@code inStream}.
*
* X509CRL class.
+ * can be typecast to the {@code X509CRL} class.
*
* CRLException is thrown.
+ * {@code CRLException} is thrown.
*
* @param inStream an input stream with the CRL data.
*
@@ -279,18 +279,18 @@
/**
* Returns a (possibly empty) collection view of the CRLs read
- * from the given input stream inStream.
+ * from the given input stream {@code inStream}.
*
* X509CRL class.
+ * collection can be typecast to the {@code X509CRL} class.
*
* inStream may contain a single DER-encoded CRL.
- * In addition, inStream may contain a PKCS#7 CRL
+ * {@code inStream} may contain a single DER-encoded CRL.
+ * In addition, {@code inStream} may contain a PKCS#7 CRL
* set. This is a PKCS#7 SignedData object, with the only
* significant field being crls. In particular, the
* signature and the contents are ignored. This format allows multiple
--- old/src/share/classes/java/security/cert/CertificateNotYetValidException.java 2013-06-21 18:29:57.789762708 -0700
+++ new/src/share/classes/java/security/cert/CertificateNotYetValidException.java 2013-06-21 18:29:57.629762711 -0700
@@ -27,8 +27,8 @@
/**
* Certificate is not yet valid exception. This is thrown whenever
- * the current Date or the specified Date
- * is before the notBefore date/time in the Certificate
+ * the current {@code Date} or the specified {@code Date}
+ * is before the {@code notBefore} date/time in the Certificate
* validity period.
*
* @author Hemma Prafullchandra
--- old/src/share/classes/java/security/cert/CertificateParsingException.java 2013-06-21 18:29:58.205762700 -0700
+++ new/src/share/classes/java/security/cert/CertificateParsingException.java 2013-06-21 18:29:58.025762703 -0700
@@ -57,7 +57,7 @@
}
/**
- * Creates a CertificateParsingException with the specified
+ * Creates a {@code CertificateParsingException} with the specified
* detail message and cause.
*
* @param message the detail message (which is saved for later retrieval
@@ -72,7 +72,7 @@
}
/**
- * Creates a CertificateParsingException with the
+ * Creates a {@code CertificateParsingException} with the
* specified cause and a detail message of
* (cause==null ? null : cause.toString())
* (which typically contains the class and detail message of
--- old/src/share/classes/java/security/cert/CertificateRevokedException.java 2013-06-21 18:29:58.605762691 -0700
+++ new/src/share/classes/java/security/cert/CertificateRevokedException.java 2013-06-21 18:29:58.449762695 -0700
@@ -39,7 +39,7 @@
/**
* An exception that indicates an X.509 certificate is revoked. A
- * CertificateRevokedException contains additional information
+ * {@code CertificateRevokedException} contains additional information
* about the revoked certificate, such as the date on which the
* certificate was revoked and the reason it was revoked.
*
@@ -60,7 +60,7 @@
*/
private final CRLReason reason;
/**
- * @serial the X500Principal that represents the name of the
+ * @serial the {@code X500Principal} that represents the name of the
* authority that signed the certificate's revocation status information
*/
private final X500Principal authority;
@@ -68,7 +68,7 @@
private transient MapCertificateRevokedException with
+ * Constructs a {@code CertificateRevokedException} with
* the specified revocation date, reason code, authority name, and map
* of extensions.
*
@@ -78,12 +78,12 @@
* @param extensions a map of X.509 Extensions. Each key is an OID String
* that maps to the corresponding Extension. The map is copied to
* prevent subsequent modification.
- * @param authority the X500Principal that represents the name
+ * @param authority the {@code X500Principal} that represents the name
* of the authority that signed the certificate's revocation status
* information
- * @throws NullPointerException if revocationDate,
- * reason, authority, or
- * extensions is null
+ * @throws NullPointerException if {@code revocationDate},
+ * {@code reason}, {@code authority}, or
+ * {@code extensions} is {@code null}
*/
public CertificateRevokedException(Date revocationDate, CRLReason reason,
X500Principal authority, MapX500Principal that represents the name of the
+ * @return the {@code X500Principal} that represents the name of the
* authority that signed the certificate's revocation status information
*/
public X500Principal getAuthorityName() {
@@ -130,16 +130,16 @@
/**
* Returns the invalidity date, as specifed in the Invalidity Date
- * extension of this CertificateRevokedException. The
+ * extension of this {@code CertificateRevokedException}. The
* invalidity date is the date on which it is known or suspected that the
* private key was compromised or that the certificate otherwise became
- * invalid. This implementation calls getExtensions() and
+ * invalid. This implementation calls {@code getExtensions()} and
* checks the returned map for an entry for the Invalidity Date extension
* OID ("2.5.29.24"). If found, it returns the invalidity date in the
* extension; otherwise null. A new Date object is returned each time the
* method is invoked to protect against subsequent modification.
*
- * @return the invalidity date, or null if not specified
+ * @return the invalidity date, or {@code null} if not specified
*/
public Date getInvalidityDate() {
Extension ext = getExtensions().get("2.5.29.24");
@@ -176,7 +176,7 @@
}
/**
- * Serialize this CertificateRevokedException instance.
+ * Serialize this {@code CertificateRevokedException} instance.
*
* @serialData the size of the extensions map (int), followed by all of
* the extensions in the map, in no particular order. For each extension,
@@ -208,7 +208,7 @@
}
/**
- * Deserialize the CertificateRevokedException instance.
+ * Deserialize the {@code CertificateRevokedException} instance.
*/
private void readObject(ObjectInputStream ois)
throws IOException, ClassNotFoundException {
--- old/src/share/classes/java/security/cert/CollectionCertStoreParameters.java 2013-06-21 18:29:59.009762683 -0700
+++ new/src/share/classes/java/security/cert/CollectionCertStoreParameters.java 2013-06-21 18:29:58.849762686 -0700
@@ -30,13 +30,13 @@
import java.util.Collections;
/**
- * Parameters used as input for the Collection CertStore
+ * Parameters used as input for the Collection {@code CertStore}
* algorithm.
* CertStore
+ * to implementations of the Collection {@code CertStore}
* algorithm. The only parameter included in this class is the
- * Collection from which the CertStore will
+ * {@code Collection} from which the {@code CertStore} will
* retrieve certificates and CRLs.
* CollectionCertStoreParameters
+ * Creates an instance of {@code CollectionCertStoreParameters}
* which will allow certificates and CRLs to be retrieved from the
- * specified Collection. If the specified
- * Collection contains an object that is not a
- * Certificate or CRL, that object will be
- * ignored by the Collection CertStore.
+ * specified {@code Collection}. If the specified
+ * {@code Collection} contains an object that is not a
+ * {@code Certificate} or {@code CRL}, that object will be
+ * ignored by the Collection {@code CertStore}.
* Collection is not copied. Instead, a
+ * The {@code Collection} is not copied. Instead, a
* reference is used. This allows the caller to subsequently add or
- * remove Certificates or CRLs from the
- * Collection, thus changing the set of
- * Certificates or CRLs available to the
- * Collection CertStore. The Collection CertStore
- * will not modify the contents of the Collection.
+ * remove {@code Certificates} or {@code CRL}s from the
+ * {@code Collection}, thus changing the set of
+ * {@code Certificates} or {@code CRL}s available to the
+ * Collection {@code CertStore}. The Collection {@code CertStore}
+ * will not modify the contents of the {@code Collection}.
* Collection will be modified by one thread while
- * another thread is calling a method of a Collection CertStore
- * that has been initialized with this Collection, the
- * Collection must have fail-fast iterators.
+ * If the {@code Collection} will be modified by one thread while
+ * another thread is calling a method of a Collection {@code CertStore}
+ * that has been initialized with this {@code Collection}, the
+ * {@code Collection} must have fail-fast iterators.
*
- * @param collection a Collection of
- * Certificates and CRLs
- * @exception NullPointerException if collection is
- * null
+ * @param collection a {@code Collection} of
+ * {@code Certificate}s and {@code CRL}s
+ * @exception NullPointerException if {@code collection} is
+ * {@code null}
*/
public CollectionCertStoreParameters(Collection collection) {
if (collection == null)
@@ -90,22 +90,22 @@
}
/**
- * Creates an instance of CollectionCertStoreParameters with
+ * Creates an instance of {@code CollectionCertStoreParameters} with
* the default parameter values (an empty and immutable
- * Collection).
+ * {@code Collection}).
*/
public CollectionCertStoreParameters() {
coll = Collections.EMPTY_SET;
}
/**
- * Returns the Collection from which Certificates
- * and CRLs are retrieved. This is not a copy of the
- * Collection, it is a reference. This allows the caller to
- * subsequently add or remove Certificates or
- * CRLs from the Collection.
+ * Returns the {@code Collection} from which {@code Certificate}s
+ * and {@code CRL}s are retrieved. This is not a copy of the
+ * {@code Collection}, it is a reference. This allows the caller to
+ * subsequently add or remove {@code Certificates} or
+ * {@code CRL}s from the {@code Collection}.
*
- * @return the Collection (never null)
+ * @return the {@code Collection} (never null)
*/
public Collection getCollection() {
return coll;
@@ -113,7 +113,7 @@
/**
* Returns a copy of this object. Note that only a reference to the
- * Collection is copied, and not the contents.
+ * {@code Collection} is copied, and not the contents.
*
* @return the copy
*/
--- old/src/share/classes/java/security/cert/Extension.java 2013-06-21 18:29:59.405762675 -0700
+++ new/src/share/classes/java/security/cert/Extension.java 2013-06-21 18:29:59.245762678 -0700
@@ -84,7 +84,7 @@
* that are encoded as an OCTET STRING. It does not include the OCTET
* STRING tag and length.
*
- * @return a copy of the extension's value, or null if no
+ * @return a copy of the extension's value, or {@code null} if no
* extension value is present.
*/
byte[] getValue();
@@ -95,7 +95,7 @@
*
* @param out the output stream
* @exception IOException on encoding or output error.
- * @exception NullPointerException if out is null.
+ * @exception NullPointerException if {@code out} is {@code null}.
*/
void encode(OutputStream out) throws IOException;
}
--- old/src/share/classes/java/security/cert/LDAPCertStoreParameters.java 2013-06-21 18:29:59.805762667 -0700
+++ new/src/share/classes/java/security/cert/LDAPCertStoreParameters.java 2013-06-21 18:29:59.645762670 -0700
@@ -26,10 +26,10 @@
package java.security.cert;
/**
- * Parameters used as input for the LDAP CertStore algorithm.
+ * Parameters used as input for the LDAP {@code CertStore} algorithm.
* CertStore
+ * name and port number) to implementations of the LDAP {@code CertStore}
* algorithm.
* LDAPCertStoreParameters with the
+ * Creates an instance of {@code LDAPCertStoreParameters} with the
* specified parameter values.
*
* @param serverName the DNS name of the LDAP server
* @param port the port number of the LDAP server
- * @exception NullPointerException if serverName is
- * null
+ * @exception NullPointerException if {@code serverName} is
+ * {@code null}
*/
public LDAPCertStoreParameters(String serverName, int port) {
if (serverName == null)
@@ -75,19 +75,19 @@
}
/**
- * Creates an instance of LDAPCertStoreParameters with the
+ * Creates an instance of {@code LDAPCertStoreParameters} with the
* specified server name and a default port of 389.
*
* @param serverName the DNS name of the LDAP server
- * @exception NullPointerException if serverName is
- * null
+ * @exception NullPointerException if {@code serverName} is
+ * {@code null}
*/
public LDAPCertStoreParameters(String serverName) {
this(serverName, LDAP_DEFAULT_PORT);
}
/**
- * Creates an instance of LDAPCertStoreParameters with the
+ * Creates an instance of {@code LDAPCertStoreParameters} with the
* default parameter values (server name "localhost", port 389).
*/
public LDAPCertStoreParameters() {
@@ -97,7 +97,7 @@
/**
* Returns the DNS name of the LDAP server.
*
- * @return the name (not null)
+ * @return the name (not {@code null})
*/
public String getServerName() {
return serverName;
@@ -117,7 +117,7 @@
* the original and vice versa.
* Object.clone()). This may be changed in a
+ * (simply calls {@code Object.clone()}). This may be changed in a
* future revision to perform a deep copy if new parameters are added
* that should not be shared.
*
--- old/src/share/classes/java/security/cert/PKIXBuilderParameters.java 2013-06-21 18:30:00.201762659 -0700
+++ new/src/share/classes/java/security/cert/PKIXBuilderParameters.java 2013-06-21 18:30:00.045762662 -0700
@@ -32,35 +32,35 @@
import java.util.Set;
/**
- * Parameters used as input for the PKIX CertPathBuilder
+ * Parameters used as input for the PKIX {@code CertPathBuilder}
* algorithm.
* CertPathBuilder uses these parameters to {@link
- * CertPathBuilder#build build} a CertPath which has been
+ * A PKIX {@code CertPathBuilder} uses these parameters to {@link
+ * CertPathBuilder#build build} a {@code CertPath} which has been
* validated according to the PKIX certification path validation algorithm.
*
- * PKIXBuilderParameters object, an
+ * Set of TrustAnchor objects, each of which
+ * {@code Set} of {@code TrustAnchor} objects, each of which
* identifies a most-trusted CA. Alternatively, an application can call
* {@link #PKIXBuilderParameters(KeyStore, CertSelector)
* PKIXBuilderParameters(KeyStore, CertSelector)}, specifying a
- * KeyStore instance containing trusted certificate entries, each
+ * {@code KeyStore} instance containing trusted certificate entries, each
* of which will be considered as a most-trusted CA.
*
* CertPathBuilder will attempt
+ * certificate that the {@code CertPathBuilder} will attempt
* to build a path to. The constraints are specified as a
- * CertSelector object. These constraints should provide the
- * CertPathBuilder with enough search criteria to find the target
- * certificate. Minimal criteria for an X509Certificate usually
+ * {@code CertSelector} object. These constraints should provide the
+ * {@code CertPathBuilder} with enough search criteria to find the target
+ * certificate. Minimal criteria for an {@code X509Certificate} usually
* include the subject name and/or one or more subject alternative names.
- * If enough criteria is not specified, the CertPathBuilder
- * may throw a CertPathBuilderException.
+ * If enough criteria is not specified, the {@code CertPathBuilder}
+ * may throw a {@code CertPathBuilderException}.
* PKIXBuilderParameters with
- * the specified Set of most-trusted CAs.
+ * Creates an instance of {@code PKIXBuilderParameters} with
+ * the specified {@code Set} of most-trusted CAs.
* Each element of the set is a {@link TrustAnchor TrustAnchor}.
*
- * Set is copied to protect against
+ * Set of TrustAnchors
- * @param targetConstraints a CertSelector specifying the
+ * @param trustAnchors a {@code Set} of {@code TrustAnchor}s
+ * @param targetConstraints a {@code CertSelector} specifying the
* constraints on the target certificate
- * @throws InvalidAlgorithmParameterException if trustAnchors
- * is empty (trustAnchors.isEmpty() == true)
- * @throws NullPointerException if trustAnchors is
- * null
+ * @throws InvalidAlgorithmParameterException if {@code trustAnchors}
+ * is empty {@code (trustAnchors.isEmpty() == true)}
+ * @throws NullPointerException if {@code trustAnchors} is
+ * {@code null}
* @throws ClassCastException if any of the elements of
- * trustAnchors are not of type
- * java.security.cert.TrustAnchor
+ * {@code trustAnchors} are not of type
+ * {@code java.security.cert.TrustAnchor}
*/
public PKIXBuilderParameters(SetPKIXBuilderParameters that
+ * Creates an instance of {@code PKIXBuilderParameters} that
* populates the set of most-trusted CAs from the trusted
- * certificate entries contained in the specified KeyStore.
- * Only keystore entries that contain trusted X509Certificates
+ * certificate entries contained in the specified {@code KeyStore}.
+ * Only keystore entries that contain trusted {@code X509Certificate}s
* are considered; all other certificate types are ignored.
*
- * @param keystore a KeyStore from which the set of
+ * @param keystore a {@code KeyStore} from which the set of
* most-trusted CAs will be populated
- * @param targetConstraints a CertSelector specifying the
+ * @param targetConstraints a {@code CertSelector} specifying the
* constraints on the target certificate
- * @throws KeyStoreException if keystore has not been
+ * @throws KeyStoreException if {@code keystore} has not been
* initialized
- * @throws InvalidAlgorithmParameterException if keystore does
+ * @throws InvalidAlgorithmParameterException if {@code keystore} does
* not contain at least one trusted certificate entry
- * @throws NullPointerException if keystore is
- * null
+ * @throws NullPointerException if {@code keystore} is
+ * {@code null}
*/
public PKIXBuilderParameters(KeyStore keystore,
CertSelector targetConstraints)
@@ -139,7 +139,7 @@
* in a certification path is not an intermediate certificate, and is not
* included in this limit. Usually the last certificate is an end entity
* certificate, but it can be a CA certificate. A PKIX
- * CertPathBuilder instance must not build
+ * {@code CertPathBuilder} instance must not build
* paths longer than the length specified.
*
* BasicConstraintsExtension, the value of the
- * pathLenConstraint field of the extension overrides
+ * {@code BasicConstraintsExtension}, the value of the
+ * {@code pathLenConstraint} field of the extension overrides
* the maximum path length parameter whenever the result is a
* certification path of smaller length.
*
* @param maxPathLength the maximum number of non-self-issued intermediate
* certificates that may exist in a certification path
- * @throws InvalidParameterException if maxPathLength is set
+ * @throws InvalidParameterException if {@code maxPathLength} is set
* to a value less than -1
*
* @see #getMaxPathLength
--- old/src/share/classes/java/security/cert/PKIXCertPathBuilderResult.java 2013-06-21 18:30:00.601762650 -0700
+++ new/src/share/classes/java/security/cert/PKIXCertPathBuilderResult.java 2013-06-21 18:30:00.445762654 -0700
@@ -33,14 +33,14 @@
* returned using this algorithm are also validated according to the PKIX
* certification path validation algorithm.
*
- * PKIXCertPathBuilderResult are returned by
- * the build method of CertPathBuilder
+ * PKIXCertPathBuilderResult objects contain the
+ * TrustAnchor describing the certification
+ * algorithm, and a {@code TrustAnchor} describing the certification
* authority (CA) that served as a trust anchor for the certification path.
* PKIXCertPathBuilderResult
+ * Creates an instance of {@code PKIXCertPathBuilderResult}
* containing the specified parameters.
*
- * @param certPath the validated CertPath
- * @param trustAnchor a TrustAnchor describing the CA that
+ * @param certPath the validated {@code CertPath}
+ * @param trustAnchor a {@code TrustAnchor} describing the CA that
* served as a trust anchor for the certification path
- * @param policyTree the immutable valid policy tree, or null
+ * @param policyTree the immutable valid policy tree, or {@code null}
* if there are no valid policies
* @param subjectPublicKey the public key of the subject
- * @throws NullPointerException if the certPath,
- * trustAnchor or subjectPublicKey parameters
- * are null
+ * @throws NullPointerException if the {@code certPath},
+ * {@code trustAnchor} or {@code subjectPublicKey} parameters
+ * are {@code null}
*/
public PKIXCertPathBuilderResult(CertPath certPath,
TrustAnchor trustAnchor, PolicyNode policyTree,
@@ -87,13 +87,13 @@
/**
* Returns the built and validated certification path. The
- * CertPath object does not include the trust anchor.
+ * {@code CertPath} object does not include the trust anchor.
* Instead, use the {@link #getTrustAnchor() getTrustAnchor()} method to
- * obtain the TrustAnchor that served as the trust anchor
+ * obtain the {@code TrustAnchor} that served as the trust anchor
* for the certification path.
*
- * @return the built and validated CertPath (never
- * null)
+ * @return the built and validated {@code CertPath} (never
+ * {@code null})
*/
public CertPath getCertPath() {
return certPath;
@@ -101,10 +101,10 @@
/**
* Return a printable representation of this
- * PKIXCertPathBuilderResult.
+ * {@code PKIXCertPathBuilderResult}.
*
- * @return a String describing the contents of this
- * PKIXCertPathBuilderResult
+ * @return a {@code String} describing the contents of this
+ * {@code PKIXCertPathBuilderResult}
*/
public String toString() {
StringBuffer sb = new StringBuffer();
--- old/src/share/classes/java/security/cert/PKIXCertPathChecker.java 2013-06-21 18:30:01.001762642 -0700
+++ new/src/share/classes/java/security/cert/PKIXCertPathChecker.java 2013-06-21 18:30:00.841762645 -0700
@@ -30,38 +30,38 @@
/**
* An abstract class that performs one or more checks on an
- * X509Certificate.
+ * {@code X509Certificate}.
*
- * PKIXCertPathChecker class
+ * PKIXCertPathChecker are passed as parameters
+ * PKIXParameters and PKIXBuilderParameters
- * class. Each of the PKIXCertPathCheckers {@link #check check}
+ * of the {@code PKIXParameters} and {@code PKIXBuilderParameters}
+ * class. Each of the {@code PKIXCertPathChecker}s {@link #check check}
* methods will be called, in turn, for each certificate processed by a PKIX
- * CertPathValidator or CertPathBuilder
+ * {@code CertPathValidator} or {@code CertPathBuilder}
* implementation.
*
- * PKIXCertPathChecker may be called multiple times on
+ * CertPathBuilder to efficiently
+ * order to allow a PKIX {@code CertPathBuilder} to efficiently
* backtrack and try other paths. In these situations, the
- * CertPathBuilder is able to restore prior path validation
- * states by restoring the cloned PKIXCertPathCheckers.
+ * {@code CertPathBuilder} is able to restore prior path validation
+ * states by restoring the cloned {@code PKIXCertPathChecker}s.
*
* PKIXCertPathChecker may be either in the forward direction
+ * {@code PKIXCertPathChecker} may be either in the forward direction
* (from target to most-trusted CA) or in the reverse direction (from
- * most-trusted CA to target). A PKIXCertPathChecker implementation
+ * most-trusted CA to target). A {@code PKIXCertPathChecker} implementation
* must support reverse checking (the ability to perform its checks when
* it is presented with certificates in the reverse direction) and may
* support forward checking (the ability to perform its checks when it is
@@ -96,19 +96,19 @@
protected PKIXCertPathChecker() {}
/**
- * Initializes the internal state of this PKIXCertPathChecker.
+ * Initializes the internal state of this {@code PKIXCertPathChecker}.
* forward flag specifies the order that
+ * The {@code forward} flag specifies the order that
* certificates will be passed to the {@link #check check} method
- * (forward or reverse). A PKIXCertPathChecker must
+ * (forward or reverse). A {@code PKIXCertPathChecker} must
* support reverse checking and may support forward checking.
*
* @param forward the order that certificates are presented to
- * the check method. If true, certificates
+ * the {@code check} method. If {@code true}, certificates
* are presented from target to most-trusted CA (forward); if
- * false, from most-trusted CA to target (reverse).
+ * {@code false}, from most-trusted CA to target (reverse).
* @throws CertPathValidatorException if this
- * PKIXCertPathChecker is unable to check certificates in
+ * {@code PKIXCertPathChecker} is unable to check certificates in
* the specified order; it should never be thrown if the forward flag
* is false since reverse checking must be supported
*/
@@ -118,32 +118,32 @@
/**
* Indicates if forward checking is supported. Forward checking refers
- * to the ability of the PKIXCertPathChecker to perform
- * its checks when certificates are presented to the check
+ * to the ability of the {@code PKIXCertPathChecker} to perform
+ * its checks when certificates are presented to the {@code check}
* method in the forward direction (from target to most-trusted CA).
*
- * @return true if forward checking is supported,
- * false otherwise
+ * @return {@code true} if forward checking is supported,
+ * {@code false} otherwise
*/
@Override
public abstract boolean isForwardCheckingSupported();
/**
- * Returns an immutable Set of X.509 certificate extensions
- * that this PKIXCertPathChecker supports (i.e. recognizes, is
- * able to process), or null if no extensions are supported.
+ * Returns an immutable {@code Set} of X.509 certificate extensions
+ * that this {@code PKIXCertPathChecker} supports (i.e. recognizes, is
+ * able to process), or {@code null} if no extensions are supported.
* String representing the
+ * Each element of the set is a {@code String} representing the
* Object Identifier (OID) of the X.509 extension that is supported.
* The OID is represented by a set of nonnegative integers separated by
* periods.
* PKIXCertPathChecker
+ * All X.509 certificate extensions that a {@code PKIXCertPathChecker}
* might possibly be able to process should be included in the set.
*
- * @return an immutable Set of X.509 extension OIDs (in
- * String format) supported by this
- * PKIXCertPathChecker, or null if no
+ * @return an immutable {@code Set} of X.509 extension OIDs (in
+ * {@code String} format) supported by this
+ * {@code PKIXCertPathChecker}, or {@code null} if no
* extensions are supported
*/
public abstract Setinit method.
+ * specified by the {@code init} method.
*
- * @param cert the Certificate to be checked
- * @param unresolvedCritExts a Collection of OID strings
+ * @param cert the {@code Certificate} to be checked
+ * @param unresolvedCritExts a {@code Collection} of OID strings
* representing the current set of unresolved critical extensions
* @exception CertPathValidatorException if the specified certificate does
* not pass the check
@@ -177,12 +177,12 @@
}
/**
- * Returns a clone of this object. Calls the Object.clone()
+ * Returns a clone of this object. Calls the {@code Object.clone()}
* method.
* All subclasses which maintain state must support and
* override this method, if necessary.
*
- * @return a copy of this PKIXCertPathChecker
+ * @return a copy of this {@code PKIXCertPathChecker}
*/
@Override
public Object clone() {
--- old/src/share/classes/java/security/cert/PKIXCertPathValidatorResult.java 2013-06-21 18:30:01.397762634 -0700
+++ new/src/share/classes/java/security/cert/PKIXCertPathValidatorResult.java 2013-06-21 18:30:01.241762637 -0700
@@ -31,13 +31,13 @@
* This class represents the successful result of the PKIX certification
* path validation algorithm.
*
- * PKIXCertPathValidatorResult are returned by the
+ * CertPathValidator objects implementing the PKIX algorithm.
+ * {@code CertPathValidator} objects implementing the PKIX algorithm.
*
- * PKIXCertPathValidatorResult objects contain the
+ * TrustAnchor describing
+ * validation algorithm, as well as a {@code TrustAnchor} describing
* the certification authority (CA) that served as a trust anchor for the
* certification path.
* PKIXCertPathValidatorResult
+ * Creates an instance of {@code PKIXCertPathValidatorResult}
* containing the specified parameters.
*
- * @param trustAnchor a TrustAnchor describing the CA that
+ * @param trustAnchor a {@code TrustAnchor} describing the CA that
* served as a trust anchor for the certification path
- * @param policyTree the immutable valid policy tree, or null
+ * @param policyTree the immutable valid policy tree, or {@code null}
* if there are no valid policies
* @param subjectPublicKey the public key of the subject
- * @throws NullPointerException if the subjectPublicKey or
- * trustAnchor parameters are null
+ * @throws NullPointerException if the {@code subjectPublicKey} or
+ * {@code trustAnchor} parameters are {@code null}
*/
public PKIXCertPathValidatorResult(TrustAnchor trustAnchor,
PolicyNode policyTree, PublicKey subjectPublicKey)
@@ -86,10 +86,10 @@
}
/**
- * Returns the TrustAnchor describing the CA that served
+ * Returns the {@code TrustAnchor} describing the CA that served
* as a trust anchor for the certification path.
*
- * @return the TrustAnchor (never null)
+ * @return the {@code TrustAnchor} (never {@code null})
*/
public TrustAnchor getTrustAnchor() {
return trustAnchor;
@@ -98,18 +98,18 @@
/**
* Returns the root node of the valid policy tree resulting from the
* PKIX certification path validation algorithm. The
- * PolicyNode object that is returned and any objects that
+ * {@code PolicyNode} object that is returned and any objects that
* it returns through public methods are immutable.
*
* PKIXParameters. However, more
+ * policy-related parameters in {@code PKIXParameters}. However, more
* sophisticated applications, especially those that process policy
* qualifiers, may need to traverse the valid policy tree using the
* {@link PolicyNode#getParent PolicyNode.getParent} and
* {@link PolicyNode#getChildren PolicyNode.getChildren} methods.
*
- * @return the root node of the valid policy tree, or null
+ * @return the root node of the valid policy tree, or {@code null}
* if there are no valid policies
*/
public PolicyNode getPolicyTree() {
@@ -120,7 +120,7 @@
* Returns the public key of the subject (target) of the certification
* path, including any inherited public key parameters if applicable.
*
- * @return the public key of the subject (never null)
+ * @return the public key of the subject (never {@code null})
*/
public PublicKey getPublicKey() {
return subjectPublicKey;
@@ -142,10 +142,10 @@
/**
* Return a printable representation of this
- * PKIXCertPathValidatorResult.
+ * {@code PKIXCertPathValidatorResult}.
*
- * @return a String describing the contents of this
- * PKIXCertPathValidatorResult
+ * @return a {@code String} describing the contents of this
+ * {@code PKIXCertPathValidatorResult}
*/
public String toString() {
StringBuffer sb = new StringBuffer();
--- old/src/share/classes/java/security/cert/PKIXParameters.java 2013-06-21 18:30:01.797762626 -0700
+++ new/src/share/classes/java/security/cert/PKIXParameters.java 2013-06-21 18:30:01.637762629 -0700
@@ -38,34 +38,34 @@
import java.util.Set;
/**
- * Parameters used as input for the PKIX CertPathValidator
+ * Parameters used as input for the PKIX {@code CertPathValidator}
* algorithm.
* CertPathValidator uses these parameters to
- * validate a CertPath according to the PKIX certification path
+ * A PKIX {@code CertPathValidator} uses these parameters to
+ * validate a {@code CertPath} according to the PKIX certification path
* validation algorithm.
*
- * PKIXParameters object, an
+ * Set of TrustAnchor objects, each
+ * specifying a {@code Set} of {@code TrustAnchor} objects, each
* of which identify a most-trusted CA. Alternatively, an application can call
* {@link #PKIXParameters(KeyStore) PKIXParameters(KeyStore)}, specifying a
- * KeyStore instance containing trusted certificate entries, each
+ * {@code KeyStore} instance containing trusted certificate entries, each
* of which will be considered as a most-trusted CA.
* PKIXParameters object has been created, other parameters
+ * Once a {@code PKIXParameters} object has been created, other parameters
* can be specified (by calling {@link #setInitialPolicies setInitialPolicies}
* or {@link #setDate setDate}, for instance) and then the
- * PKIXParameters is passed along with the CertPath
+ * {@code PKIXParameters} is passed along with the {@code CertPath}
* to be validated to {@link CertPathValidator#validate
* CertPathValidator.validate}.
* null) will
+ * Any parameter that is not set (or is set to {@code null}) will
* be set to the default value for that parameter. The default value for the
- * date parameter is null, which indicates
+ * {@code date} parameter is {@code null}, which indicates
* the current time when the path is validated. The default for the
* remaining parameters is the least constrained.
* PKIXParameters with the specified
- * Set of most-trusted CAs. Each element of the
+ * Creates an instance of {@code PKIXParameters} with the specified
+ * {@code Set} of most-trusted CAs. Each element of the
* set is a {@link TrustAnchor TrustAnchor}.
* Set is copied to protect against
+ * Note that the {@code Set} is copied to protect against
* subsequent modifications.
*
- * @param trustAnchors a Set of TrustAnchors
+ * @param trustAnchors a {@code Set} of {@code TrustAnchor}s
* @throws InvalidAlgorithmParameterException if the specified
- * Set is empty (trustAnchors.isEmpty() == true)
- * @throws NullPointerException if the specified Set is
- * null
- * @throws ClassCastException if any of the elements in the Set
- * are not of type java.security.cert.TrustAnchor
+ * {@code Set} is empty {@code (trustAnchors.isEmpty() == true)}
+ * @throws NullPointerException if the specified {@code Set} is
+ * {@code null}
+ * @throws ClassCastException if any of the elements in the {@code Set}
+ * are not of type {@code java.security.cert.TrustAnchor}
*/
public PKIXParameters(SetPKIXParameters that
+ * Creates an instance of {@code PKIXParameters} that
* populates the set of most-trusted CAs from the trusted
- * certificate entries contained in the specified KeyStore.
- * Only keystore entries that contain trusted X509Certificates
+ * certificate entries contained in the specified {@code KeyStore}.
+ * Only keystore entries that contain trusted {@code X509Certificates}
* are considered; all other certificate types are ignored.
*
- * @param keystore a KeyStore from which the set of
+ * @param keystore a {@code KeyStore} from which the set of
* most-trusted CAs will be populated
* @throws KeyStoreException if the keystore has not been initialized
* @throws InvalidAlgorithmParameterException if the keystore does
* not contain at least one trusted certificate entry
- * @throws NullPointerException if the keystore is null
+ * @throws NullPointerException if the keystore is {@code null}
*/
public PKIXParameters(KeyStore keystore)
throws KeyStoreException, InvalidAlgorithmParameterException
@@ -161,11 +161,11 @@
}
/**
- * Returns an immutable Set of the most-trusted
+ * Returns an immutable {@code Set} of the most-trusted
* CAs.
*
- * @return an immutable Set of TrustAnchors
- * (never null)
+ * @return an immutable {@code Set} of {@code TrustAnchor}s
+ * (never {@code null})
*
* @see #setTrustAnchors
*/
@@ -174,18 +174,18 @@
}
/**
- * Sets the Set of most-trusted CAs.
+ * Sets the {@code Set} of most-trusted CAs.
* Set is copied to protect against
+ * Note that the {@code Set} is copied to protect against
* subsequent modifications.
*
- * @param trustAnchors a Set of TrustAnchors
+ * @param trustAnchors a {@code Set} of {@code TrustAnchor}s
* @throws InvalidAlgorithmParameterException if the specified
- * Set is empty (trustAnchors.isEmpty() == true)
- * @throws NullPointerException if the specified Set is
- * null
+ * {@code Set} is empty {@code (trustAnchors.isEmpty() == true)}
+ * @throws NullPointerException if the specified {@code Set} is
+ * {@code null}
* @throws ClassCastException if any of the elements in the set
- * are not of type java.security.cert.TrustAnchor
+ * are not of type {@code java.security.cert.TrustAnchor}
*
* @see #getTrustAnchors
*/
@@ -211,16 +211,16 @@
}
/**
- * Returns an immutable Set of initial
+ * Returns an immutable {@code Set} of initial
* policy identifiers (OID strings), indicating that any one of these
* policies would be acceptable to the certificate user for the purposes of
* certification path processing. The default return value is an empty
- * Set, which is interpreted as meaning that any policy would
+ * {@code Set}, which is interpreted as meaning that any policy would
* be acceptable.
*
- * @return an immutable Set of initial policy OIDs in
- * String format, or an empty Set (implying any
- * policy is acceptable). Never returns null.
+ * @return an immutable {@code Set} of initial policy OIDs in
+ * {@code String} format, or an empty {@code Set} (implying any
+ * policy is acceptable). Never returns {@code null}.
*
* @see #setInitialPolicies
*/
@@ -229,21 +229,21 @@
}
/**
- * Sets the Set of initial policy identifiers
+ * Sets the {@code Set} of initial policy identifiers
* (OID strings), indicating that any one of these
* policies would be acceptable to the certificate user for the purposes of
* certification path processing. By default, any policy is acceptable
* (i.e. all policies), so a user that wants to allow any policy as
* acceptable does not need to call this method, or can call it
- * with an empty Set (or null).
+ * with an empty {@code Set} (or {@code null}).
* Set is copied to protect against
+ * Note that the {@code Set} is copied to protect against
* subsequent modifications.
*
- * @param initialPolicies a Set of initial policy
- * OIDs in String format (or null)
+ * @param initialPolicies a {@code Set} of initial policy
+ * OIDs in {@code String} format (or {@code null})
* @throws ClassCastException if any of the elements in the set are
- * not of type String
+ * not of type {@code String}
*
* @see #getInitialPolicies
*/
@@ -262,19 +262,19 @@
}
/**
- * Sets the list of CertStores to be used in finding
- * certificates and CRLs. May be null, in which case
- * no CertStores will be used. The first
- * CertStores in the list may be preferred to those that
+ * Sets the list of {@code CertStore}s to be used in finding
+ * certificates and CRLs. May be {@code null}, in which case
+ * no {@code CertStore}s will be used. The first
+ * {@code CertStore}s in the list may be preferred to those that
* appear later.
* List is copied to protect against
+ * Note that the {@code List} is copied to protect against
* subsequent modifications.
*
- * @param stores a List of CertStores (or
- * null)
+ * @param stores a {@code List} of {@code CertStore}s (or
+ * {@code null})
* @throws ClassCastException if any of the elements in the list are
- * not of type java.security.cert.CertStore
+ * not of type {@code java.security.cert.CertStore}
*
* @see #getCertStores
*/
@@ -293,10 +293,10 @@
}
/**
- * Adds a CertStore to the end of the list of
- * CertStores used in finding certificates and CRLs.
+ * Adds a {@code CertStore} to the end of the list of
+ * {@code CertStore}s used in finding certificates and CRLs.
*
- * @param store the CertStore to add. If null,
+ * @param store the {@code CertStore} to add. If {@code null},
* the store is ignored (not added to list).
*/
public void addCertStore(CertStore store) {
@@ -306,11 +306,11 @@
}
/**
- * Returns an immutable List of CertStores that
+ * Returns an immutable {@code List} of {@code CertStore}s that
* are used to find certificates and CRLs.
*
- * @return an immutable List of CertStores
- * (may be empty, but never null)
+ * @return an immutable {@code List} of {@code CertStore}s
+ * (may be empty, but never {@code null})
*
* @see #setCertStores
*/
@@ -325,7 +325,7 @@
* will be used. If this flag is false, the default revocation checking
* mechanism will be disabled (not used).
* PKIXParameters object is created, this flag is set
+ * When a {@code PKIXParameters} object is created, this flag is set
* to true. This setting reflects the most common strategy for checking
* revocation, since each service provider must support revocation
* checking to be PKIX compliant. Sophisticated applications should set
@@ -360,8 +360,8 @@
* acceptable policy needs to be explicitly identified in every certificate.
* By default, the ExplicitPolicyRequired flag is false.
*
- * @param val true if explicit policy is to be required,
- * false otherwise
+ * @param val {@code true} if explicit policy is to be required,
+ * {@code false} otherwise
*/
public void setExplicitPolicyRequired(boolean val) {
explicitPolicyRequired = val;
@@ -372,8 +372,8 @@
* acceptable policy needs to be explicitly identified in every certificate.
* By default, the ExplicitPolicyRequired flag is false.
*
- * @return true if explicit policy is required,
- * false otherwise
+ * @return {@code true} if explicit policy is required,
+ * {@code false} otherwise
*/
public boolean isExplicitPolicyRequired() {
return explicitPolicyRequired;
@@ -384,8 +384,8 @@
* mapping is inhibited. By default, policy mapping is not inhibited (the
* flag is false).
*
- * @param val true if policy mapping is to be inhibited,
- * false otherwise
+ * @param val {@code true} if policy mapping is to be inhibited,
+ * {@code false} otherwise
*/
public void setPolicyMappingInhibited(boolean val) {
policyMappingInhibited = val;
@@ -406,10 +406,10 @@
* Sets state to determine if the any policy OID should be processed
* if it is included in a certificate. By default, the any policy OID
* is not inhibited ({@link #isAnyPolicyInhibited isAnyPolicyInhibited()}
- * returns false).
+ * returns {@code false}).
*
- * @param val true if the any policy OID is to be
- * inhibited, false otherwise
+ * @param val {@code true} if the any policy OID is to be
+ * inhibited, {@code false} otherwise
*/
public void setAnyPolicyInhibited(boolean val) {
anyPolicyInhibited = val;
@@ -419,8 +419,8 @@
* Checks whether the any policy OID should be processed if it
* is included in a certificate.
*
- * @return true if the any policy OID is inhibited,
- * false otherwise
+ * @return {@code true} if the any policy OID is inhibited,
+ * {@code false} otherwise
*/
public boolean isAnyPolicyInhibited() {
return anyPolicyInhibited;
@@ -432,7 +432,7 @@
* policies extension that is marked critical are rejected.
* If the flag is false, certificates are not rejected on this basis.
*
- * PKIXParameters object is created, this flag is
+ * PKIXParameters object is created, this flag is
+ * null, the current time is used.
+ * should be determined. If {@code null}, the current time is used.
* Date returned is copied to protect against
+ * Note that the {@code Date} returned is copied to protect against
* subsequent modifications.
*
- * @return the Date, or null if not set
+ * @return the {@code Date}, or {@code null} if not set
* @see #setDate
*/
public Date getDate() {
@@ -490,12 +490,12 @@
/**
* Sets the time for which the validity of the certification path
- * should be determined. If null, the current time is used.
+ * should be determined. If {@code null}, the current time is used.
* Date supplied here is copied to protect
+ * Note that the {@code Date} supplied here is copied to protect
* against subsequent modifications.
*
- * @param date the Date, or null for the
+ * @param date the {@code Date}, or {@code null} for the
* current time
* @see #getDate
*/
@@ -507,39 +507,39 @@
}
/**
- * Sets a List of additional certification path checkers. If
- * the specified List contains an object that is not a
- * PKIXCertPathChecker, it is ignored.
+ * Sets a {@code List} of additional certification path checkers. If
+ * the specified {@code List} contains an object that is not a
+ * {@code PKIXCertPathChecker}, it is ignored.
* PKIXCertPathChecker specified implements
+ * Each {@code PKIXCertPathChecker} specified implements
* additional checks on a certificate. Typically, these are checks to
* process and verify private extensions contained in certificates.
- * Each PKIXCertPathChecker should be instantiated with any
+ * Each {@code PKIXCertPathChecker} should be instantiated with any
* initialization parameters needed to execute the check.
* CertPathValidator or CertPathBuilder.
- * Each of the specified PKIXCertPathCheckers will be called,
- * in turn, by a PKIX CertPathValidator or
- * CertPathBuilder for each certificate processed or
+ * {@code CertPathValidator} or {@code CertPathBuilder}.
+ * Each of the specified {@code PKIXCertPathChecker}s will be called,
+ * in turn, by a PKIX {@code CertPathValidator} or
+ * {@code CertPathBuilder} for each certificate processed or
* validated.
* PKIXCertPathCheckers
- * are set, a PKIX CertPathValidator or
- * CertPathBuilder must perform all of the required PKIX
+ * Regardless of whether these additional {@code PKIXCertPathChecker}s
+ * are set, a PKIX {@code CertPathValidator} or
+ * {@code CertPathBuilder} must perform all of the required PKIX
* checks on each certificate. The one exception to this rule is if the
* RevocationEnabled flag is set to false (see the {@link
* #setRevocationEnabled setRevocationEnabled} method).
* List supplied here is copied and each
- * PKIXCertPathChecker in the list is cloned to protect
+ * Note that the {@code List} supplied here is copied and each
+ * {@code PKIXCertPathChecker} in the list is cloned to protect
* against subsequent modifications.
*
- * @param checkers a List of PKIXCertPathCheckers.
- * May be null, in which case no additional checkers will be
+ * @param checkers a {@code List} of {@code PKIXCertPathChecker}s.
+ * May be {@code null}, in which case no additional checkers will be
* used.
* @throws ClassCastException if any of the elements in the list
- * are not of type java.security.cert.PKIXCertPathChecker
+ * are not of type {@code java.security.cert.PKIXCertPathChecker}
* @see #getCertPathCheckers
*/
public void setCertPathCheckers(ListList of certification path checkers.
- * The returned List is immutable, and each
- * PKIXCertPathChecker in the List is cloned
+ * Returns the {@code List} of certification path checkers.
+ * The returned {@code List} is immutable, and each
+ * {@code PKIXCertPathChecker} in the {@code List} is cloned
* to protect against subsequent modifications.
*
- * @return an immutable List of
- * PKIXCertPathCheckers (may be empty, but not
- * null)
+ * @return an immutable {@code List} of
+ * {@code PKIXCertPathChecker}s (may be empty, but not
+ * {@code null})
* @see #setCertPathCheckers
*/
public ListPKIXCertPathChecker to the list of certification
+ * Adds a {@code PKIXCertPathChecker} to the list of certification
* path checkers. See the {@link #setCertPathCheckers setCertPathCheckers}
* method for more details.
* PKIXCertPathChecker is cloned to protect
+ * Note that the {@code PKIXCertPathChecker} is cloned to protect
* against subsequent modifications.
*
- * @param checker a PKIXCertPathChecker to add to the list of
- * checks. If null, the checker is ignored (not added to list).
+ * @param checker a {@code PKIXCertPathChecker} to add to the list of
+ * checks. If {@code null}, the checker is ignored (not added to list).
*/
public void addCertPathChecker(PKIXCertPathChecker checker) {
if (checker != null) {
@@ -592,10 +592,10 @@
}
/**
- * Returns the signature provider's name, or null
+ * Returns the signature provider's name, or {@code null}
* if not set.
*
- * @return the signature provider's name (or null)
+ * @return the signature provider's name (or {@code null})
* @see #setSigProvider
*/
public String getSigProvider() {
@@ -605,10 +605,10 @@
/**
* Sets the signature provider's name. The specified provider will be
* preferred when creating {@link java.security.Signature Signature}
- * objects. If null or not set, the first provider found
+ * objects. If {@code null} or not set, the first provider found
* supporting the algorithm will be used.
*
- * @param sigProvider the signature provider's name (or null)
+ * @param sigProvider the signature provider's name (or {@code null})
* @see #getSigProvider
*/
public void setSigProvider(String sigProvider) {
@@ -617,14 +617,14 @@
/**
* Returns the required constraints on the target certificate.
- * The constraints are returned as an instance of CertSelector.
- * If null, no constraints are defined.
+ * The constraints are returned as an instance of {@code CertSelector}.
+ * If {@code null}, no constraints are defined.
*
- * CertSelector returned is cloned
+ * CertSelector specifying the constraints
- * on the target certificate (or null)
+ * @return a {@code CertSelector} specifying the constraints
+ * on the target certificate (or {@code null})
* @see #setTargetCertConstraints
*/
public CertSelector getTargetCertConstraints() {
@@ -638,14 +638,14 @@
/**
* Sets the required constraints on the target certificate.
* The constraints are specified as an instance of
- * CertSelector. If null, no constraints are
+ * {@code CertSelector}. If {@code null}, no constraints are
* defined.
*
- * CertSelector specified is cloned
+ * CertSelector specifying the constraints
- * on the target certificate (or null)
+ * @param selector a {@code CertSelector} specifying the constraints
+ * on the target certificate (or {@code null})
* @see #getTargetCertConstraints
*/
public void setTargetCertConstraints(CertSelector selector) {
@@ -656,10 +656,10 @@
}
/**
- * Makes a copy of this PKIXParameters object. Changes
+ * Makes a copy of this {@code PKIXParameters} object. Changes
* to the copy will not affect the original and vice versa.
*
- * @return a copy of this PKIXParameters object
+ * @return a copy of this {@code PKIXParameters} object
*/
public Object clone() {
try {
--- old/src/share/classes/java/security/cert/PKIXReason.java 2013-06-21 18:30:02.233762617 -0700
+++ new/src/share/classes/java/security/cert/PKIXReason.java 2013-06-21 18:30:02.077762620 -0700
@@ -26,10 +26,10 @@
package java.security.cert;
/**
- * The PKIXReason enumerates the potential PKIX-specific reasons
+ * The {@code PKIXReason} enumerates the potential PKIX-specific reasons
* that an X.509 certification path may be invalid according to the PKIX
* (RFC 3280) standard. These reasons are in addition to those of the
- * CertPathValidatorException.BasicReason enumeration.
+ * {@code CertPathValidatorException.BasicReason} enumeration.
*
* @since 1.7
*/
--- old/src/share/classes/java/security/cert/PolicyNode.java 2013-06-21 18:30:02.629762609 -0700
+++ new/src/share/classes/java/security/cert/PolicyNode.java 2013-06-21 18:30:02.473762612 -0700
@@ -41,7 +41,7 @@
*
* PKIXParameters. However,
+ * policy-related parameters in {@code PKIXParameters}. However,
* the valid policy tree is available for more sophisticated applications,
* especially those that process policy qualifiers.
*
@@ -50,12 +50,12 @@
* valid policy tree. The tree can be traversed using the
* {@link #getChildren getChildren} and {@link #getParent getParent} methods.
* Data about a particular node can be retrieved using other methods of
- * PolicyNode.
+ * {@code PolicyNode}.
*
* PolicyNode objects must be immutable and
+ * PolicyNode object (or more than one)
+ * in this class on a single {@code PolicyNode} object (or more than one)
* with no ill effects. This stipulation applies to all public fields and
* methods of this class and any added or overridden by subclasses.
*
@@ -65,10 +65,10 @@
public interface PolicyNode {
/**
- * Returns the parent of this node, or null if this is the
+ * Returns the parent of this node, or {@code null} if this is the
* root node.
*
- * @return the parent of this node, or null if this is the
+ * @return the parent of this node, or {@code null} if this is the
* root node
*/
PolicyNode getParent();
@@ -76,8 +76,8 @@
/**
* Returns an iterator over the children of this node. Any attempts to
* modify the children of this node through the
- * Iterator's remove method must throw an
- * UnsupportedOperationException.
+ * {@code Iterator}'s remove method must throw an
+ * {@code UnsupportedOperationException}.
*
* @return an iterator over the children of this node
*/
@@ -94,7 +94,7 @@
/**
* Returns the valid policy represented by this node.
*
- * @return the String OID of the valid policy
+ * @return the {@code String} OID of the valid policy
* represented by this node. For the root node, this method always returns
* the special anyPolicy OID: "2.5.29.32.0".
*/
@@ -104,9 +104,9 @@
* Returns the set of policy qualifiers associated with the
* valid policy represented by this node.
*
- * @return an immutable Set of
- * PolicyQualifierInfos. For the root node, this
- * is always an empty Set.
+ * @return an immutable {@code Set} of
+ * {@code PolicyQualifierInfo}s. For the root node, this
+ * is always an empty {@code Set}.
*/
Set getPolicyQualifiers();
@@ -114,9 +114,9 @@
* Returns the set of expected policies that would satisfy this
* node's valid policy in the next certificate to be processed.
*
- * @return an immutable Set of expected policy
- * String OIDs. For the root node, this method
- * always returns a Set with one element, the
+ * @return an immutable {@code Set} of expected policy
+ * {@code String} OIDs. For the root node, this method
+ * always returns a {@code Set} with one element, the
* special anyPolicy OID: "2.5.29.32.0".
*/
Settrue if extension marked critical,
- * false otherwise. For the root node, false
+ * @return {@code true} if extension marked critical,
+ * {@code false} otherwise. For the root node, {@code false}
* is always returned.
*/
boolean isCritical();
--- old/src/share/classes/java/security/cert/PolicyQualifierInfo.java 2013-06-21 18:30:03.033762600 -0700
+++ new/src/share/classes/java/security/cert/PolicyQualifierInfo.java 2013-06-21 18:30:02.873762604 -0700
@@ -50,12 +50,12 @@
* policy information terms limit the set of policies for certification paths
* which include this certificate.
* Set of PolicyQualifierInfo objects are returned
+ * A {@code Set} of {@code PolicyQualifierInfo} objects are returned
* by the {@link PolicyNode#getPolicyQualifiers PolicyNode.getPolicyQualifiers}
* method. This allows applications with specific policy requirements to
* process and validate each policy qualifier. Applications that need to
* process policy qualifiers should explicitly set the
- * policyQualifiersRejected flag to false (by calling the
+ * {@code policyQualifiersRejected} flag to false (by calling the
* {@link PKIXParameters#setPolicyQualifiersRejected
* PKIXParameters.setPolicyQualifiersRejected} method) before validating
* a certification path.
@@ -64,17 +64,17 @@
* that any policy qualifier in a certificate policies extension that is
* marked critical must be processed and validated. Otherwise the
* certification path must be rejected. If the
- * policyQualifiersRejected flag is set to false, it is up to
+ * {@code policyQualifiersRejected} flag is set to false, it is up to
* the application to validate all policy qualifiers in this manner in order
* to be PKIX compliant.
*
* PolicyQualifierInfo objects must be immutable and
+ * PolicyQualifierInfo
+ * methods defined in this class on a single {@code PolicyQualifierInfo}
* object (or more than one) with no ill effects. Requiring
- * PolicyQualifierInfo objects to be immutable and thread-safe
+ * {@code PolicyQualifierInfo} objects to be immutable and thread-safe
* allows them to be passed around to various pieces of code without
* worrying about coordinating access.
*
@@ -90,7 +90,7 @@
private String pqiString;
/**
- * Creates an instance of PolicyQualifierInfo from the
+ * Creates an instance of {@code PolicyQualifierInfo} from the
* encoded bytes. The encoded byte array is copied on construction.
*
* @param encoded a byte array containing the qualifier in DER encoding
@@ -115,12 +115,12 @@
}
/**
- * Returns the policyQualifierId field of this
- * PolicyQualifierInfo. The policyQualifierId
+ * Returns the {@code policyQualifierId} field of this
+ * {@code PolicyQualifierInfo}. The {@code policyQualifierId}
* is an Object Identifier (OID) represented by a set of nonnegative
* integers separated by periods.
*
- * @return the OID (never null)
+ * @return the OID (never {@code null})
*/
public final String getPolicyQualifierId() {
return mId;
@@ -128,9 +128,9 @@
/**
* Returns the ASN.1 DER encoded form of this
- * PolicyQualifierInfo.
+ * {@code PolicyQualifierInfo}.
*
- * @return the ASN.1 DER encoded bytes (never null).
+ * @return the ASN.1 DER encoded bytes (never {@code null}).
* Note that a copy is returned, so the data is cloned each time
* this method is called.
*/
@@ -139,10 +139,10 @@
}
/**
- * Returns the ASN.1 DER encoded form of the qualifier
- * field of this PolicyQualifierInfo.
+ * Returns the ASN.1 DER encoded form of the {@code qualifier}
+ * field of this {@code PolicyQualifierInfo}.
*
- * @return the ASN.1 DER encoded bytes of the qualifier
+ * @return the ASN.1 DER encoded bytes of the {@code qualifier}
* field. Note that a copy is returned, so the data is cloned each
* time this method is called.
*/
@@ -152,10 +152,10 @@
/**
* Return a printable representation of this
- * PolicyQualifierInfo.
+ * {@code PolicyQualifierInfo}.
*
- * @return a String describing the contents of this
- * PolicyQualifierInfo
+ * @return a {@code String} describing the contents of this
+ * {@code PolicyQualifierInfo}
*/
public String toString() {
if (pqiString != null)
--- old/src/share/classes/java/security/cert/TrustAnchor.java 2013-06-21 18:30:03.437762592 -0700
+++ new/src/share/classes/java/security/cert/TrustAnchor.java 2013-06-21 18:30:03.277762595 -0700
@@ -40,16 +40,16 @@
* for validating X.509 certification paths. A most-trusted CA includes the
* public key of the CA, the CA's name, and any constraints upon the set of
* paths which may be validated using this key. These parameters can be
- * specified in the form of a trusted X509Certificate or as
+ * specified in the form of a trusted {@code X509Certificate} or as
* individual parameters.
* TrustAnchor objects must be immutable and
+ * TrustAnchor
+ * methods defined in this class on a single {@code TrustAnchor}
* object (or more than one) with no ill effects. Requiring
- * TrustAnchor objects to be immutable and thread-safe
+ * {@code TrustAnchor} objects to be immutable and thread-safe
* allows them to be passed around to various pieces of code without
* worrying about coordinating access. This stipulation applies to all
* public fields and methods of this class and any added or overridden
@@ -71,8 +71,8 @@
private NameConstraintsExtension nc;
/**
- * Creates an instance of TrustAnchor with the specified
- * X509Certificate and optional name constraints, which
+ * Creates an instance of {@code TrustAnchor} with the specified
+ * {@code X509Certificate} and optional name constraints, which
* are intended to be used as additional constraints when validating
* an X.509 certification path.
*
+ * }
*
+ * {@code
* NameConstraints ::= SEQUENCE {
* permittedSubtrees [0] GeneralSubtrees OPTIONAL,
* excludedSubtrees [1] GeneralSubtrees OPTIONAL }
@@ -106,20 +106,20 @@
* uniformResourceIdentifier [6] IA5String,
* iPAddress [7] OCTET STRING,
* registeredID [8] OBJECT IDENTIFIER}
- * X509Certificate
+ * @param trustedCert a trusted {@code X509Certificate}
* @param nameConstraints a byte array containing the ASN.1 DER encoding of
* a NameConstraints extension to be used for checking name constraints.
* Only the value of the extension is included, not the OID or criticality
- * flag. Specify null to omit the parameter.
+ * flag. Specify {@code null} to omit the parameter.
* @throws IllegalArgumentException if the name constraints cannot be
* decoded
* @throws NullPointerException if the specified
- * X509Certificate is null
+ * {@code X509Certificate} is {@code null}
*/
public TrustAnchor(X509Certificate trustedCert, byte[] nameConstraints)
{
@@ -134,7 +134,7 @@
}
/**
- * Creates an instance of TrustAnchor where the
+ * Creates an instance of {@code TrustAnchor} where the
* most-trusted CA is specified as an X500Principal and public key.
* Name constraints are an optional parameter, and are intended to be used
* as additional constraints when validating an X.509 certification path.
@@ -155,9 +155,9 @@
* @param nameConstraints a byte array containing the ASN.1 DER encoding of
* a NameConstraints extension to be used for checking name constraints.
* Only the value of the extension is included, not the OID or criticality
- * flag. Specify null to omit the parameter.
- * @throws NullPointerException if the specified caPrincipal or
- * pubKey parameter is null
+ * flag. Specify {@code null} to omit the parameter.
+ * @throws NullPointerException if the specified {@code caPrincipal} or
+ * {@code pubKey} parameter is {@code null}
* @since 1.5
*/
public TrustAnchor(X500Principal caPrincipal, PublicKey pubKey,
@@ -173,7 +173,7 @@
}
/**
- * Creates an instance of TrustAnchor where the
+ * Creates an instance of {@code TrustAnchor} where the
* most-trusted CA is specified as a distinguished name and public key.
* Name constraints are an optional parameter, and are intended to be used
* as additional constraints when validating an X.509 certification path.
@@ -191,17 +191,17 @@
*
* @param caName the X.500 distinguished name of the most-trusted CA in
* RFC 2253
- * String format
+ * {@code String} format
* @param pubKey the public key of the most-trusted CA
* @param nameConstraints a byte array containing the ASN.1 DER encoding of
* a NameConstraints extension to be used for checking name constraints.
* Only the value of the extension is included, not the OID or criticality
- * flag. Specify null to omit the parameter.
- * @throws IllegalArgumentException if the specified
- * caName parameter is empty (caName.length() == 0)
+ * flag. Specify {@code null} to omit the parameter.
+ * @throws IllegalArgumentException if the specified
+ * {@code caName} parameter is empty {@code (caName.length() == 0)}
* or incorrectly formatted or the name constraints cannot be decoded
- * @throws NullPointerException if the specified caName or
- * pubKey parameter is null
+ * @throws NullPointerException if the specified {@code caName} or
+ * {@code pubKey} parameter is {@code null}
*/
public TrustAnchor(String caName, PublicKey pubKey, byte[] nameConstraints)
{
@@ -225,7 +225,7 @@
/**
* Returns the most-trusted CA certificate.
*
- * @return a trusted X509Certificate or null
+ * @return a trusted {@code X509Certificate} or {@code null}
* if the trust anchor was not specified as a trusted certificate
*/
public final X509Certificate getTrustedCert() {
@@ -236,7 +236,7 @@
* Returns the name of the most-trusted CA as an X500Principal.
*
* @return the X.500 distinguished name of the most-trusted CA, or
- * null if the trust anchor was not specified as a trusted
+ * {@code null} if the trust anchor was not specified as a trusted
* public key and name or X500Principal pair
* @since 1.5
*/
@@ -245,11 +245,11 @@
}
/**
- * Returns the name of the most-trusted CA in RFC 2253 String
+ * Returns the name of the most-trusted CA in RFC 2253 {@code String}
* format.
*
* @return the X.500 distinguished name of the most-trusted CA, or
- * null if the trust anchor was not specified as a trusted
+ * {@code null} if the trust anchor was not specified as a trusted
* public key and name or X500Principal pair
*/
public final String getCAName() {
@@ -259,7 +259,7 @@
/**
* Returns the public key of the most-trusted CA.
*
- * @return the public key of the most-trusted CA, or null
+ * @return the public key of the most-trusted CA, or {@code null}
* if the trust anchor was not specified as a trusted public key and name
* or X500Principal pair
*/
@@ -306,16 +306,16 @@
*
* @return a byte array containing the ASN.1 DER encoding of
* a NameConstraints extension used for checking name constraints,
- * or null if not set.
+ * or {@code null} if not set.
*/
public final byte [] getNameConstraints() {
return ncBytes == null ? null : ncBytes.clone();
}
/**
- * Returns a formatted string describing the TrustAnchor.
+ * Returns a formatted string describing the {@code TrustAnchor}.
*
- * @return a formatted string describing the TrustAnchor
+ * @return a formatted string describing the {@code TrustAnchor}
*/
public String toString() {
StringBuffer sb = new StringBuffer();
--- old/src/share/classes/java/security/cert/X509CRL.java 2013-06-21 18:30:03.841762584 -0700
+++ new/src/share/classes/java/security/cert/X509CRL.java 2013-06-21 18:30:03.685762587 -0700
@@ -72,7 +72,7 @@
* RFC 3280: Internet X.509
* Public Key Infrastructure Certificate and CRL Profile.
* tbsCertList is:
+ * The ASN.1 definition of {@code tbsCertList} is:
*
* TBSCertList ::= SEQUENCE {
* version Version OPTIONAL,
@@ -94,12 +94,12 @@
*
*
* @author Hemma Prafullchandra
*
@@ -122,8 +122,8 @@
/**
* Compares this CRL for equality with the given
- * object. If the
+ * }
+ * {@code
* try (InputStream inStream = new FileInputStream("fileName-of-crl")) {
* CertificateFactory cf = CertificateFactory.getInstance("X.509");
* X509CRL crl = (X509CRL)cf.generateCRL(inStream);
* }
- * other object is an
- * instanceof X509CRL, then
+ * object. If the {@code other} object is an
+ * {@code instanceof} {@code X509CRL}, then
* its encoded form is retrieved and compared with the
* encoded form of this CRL.
*
@@ -225,7 +225,7 @@
*
* This method was added to version 1.8 of the Java Platform Standard
* Edition. In order to maintain backwards compatibility with existing
- * service providers, this method is not abstract
+ * service providers, this method is not {@code abstract}
* and it provides a default implementation.
*
* @param key the PublicKey used to carry out the verification.
@@ -245,7 +245,7 @@
}
/**
- * Gets the version (version number) value from the CRL.
+ * Gets the {@code version} (version number) value from the CRL.
* The ASN.1 definition for this is:
*
* version Version OPTIONAL,
@@ -261,12 +261,12 @@
/**
* Denigrated, replaced by {@linkplain
- * #getIssuerX500Principal()}. This method returns the
- * The issuer
+ * #getIssuerX500Principal()}. This method returns the {@code issuer}
* as an implementation specific Principal object, which should not be
* relied upon by portable code.
*
* issuer (issuer distinguished name) value from
+ * Gets the {@code issuer} (issuer distinguished name) value from
* the CRL. The issuer name identifies the entity that signed (and
* issued) the CRL.
*
@@ -287,14 +287,14 @@
* AttributeType ::= OBJECT IDENTIFIER
* AttributeValue ::= ANY
* Name describes a hierarchical name composed of
+ * The {@code Name} describes a hierarchical name composed of
* attributes,
* such as country name, and corresponding values, such as US.
- * The type of the AttributeValue component is determined by
- * the AttributeType; in general it will be a
- * directoryString. A directoryString is usually
- * one of PrintableString,
- * TeletexString or UniversalString.
+ * The type of the {@code AttributeValue} component is determined by
+ * the {@code AttributeType}; in general it will be a
+ * {@code directoryString}. A {@code directoryString} is usually
+ * one of {@code PrintableString},
+ * {@code TeletexString} or {@code UniversalString}.
*
* @return a Principal whose name is the issuer distinguished name.
*/
@@ -302,11 +302,11 @@
/**
* Returns the issuer (issuer distinguished name) value from the
- * CRL as an X500Principal.
+ * CRL as an {@code X500Principal}.
* X500Principal representing the issuer
+ * @return an {@code X500Principal} representing the issuer
* distinguished name
* @since 1.4
*/
@@ -318,7 +318,7 @@
}
/**
- * Gets the thisUpdate date from the CRL.
+ * Gets the {@code thisUpdate} date from the CRL.
* The ASN.1 definition for this is:
*
* thisUpdate ChoiceOfTime
@@ -327,14 +327,14 @@
* generalTime GeneralizedTime }
*
*
- * @return the thisUpdate date from the CRL.
+ * @return the {@code thisUpdate} date from the CRL.
*/
public abstract Date getThisUpdate();
/**
- * Gets the nextUpdate date from the CRL.
+ * Gets the {@code nextUpdate} date from the CRL.
*
- * @return the nextUpdate date from the CRL, or null if
+ * @return the {@code nextUpdate} date from the CRL, or null if
* not present.
*/
public abstract Date getNextUpdate();
@@ -388,7 +388,7 @@
/**
* Gets the DER-encoded CRL information, the
- * tbsCertList from this CRL.
+ * {@code tbsCertList} from this CRL.
* This can be used to verify the signature independently.
*
* @return the DER-encoded CRL information.
@@ -397,7 +397,7 @@
public abstract byte[] getTBSCertList() throws CRLException;
/**
- * Gets the signature value (the raw signature bits) from
+ * Gets the {@code signature} value (the raw signature bits) from
* the CRL.
* The ASN.1 definition for this is:
*
@@ -422,7 +422,7 @@
* -- algorithm object identifier value
*
*
- * algorithm
+ * other object is an
- * instanceof X509CRLEntry, then
+ * object. If the {@code other} object is an
+ * {@code instanceof} {@code X509CRLEntry}, then
* its encoded form (the inner SEQUENCE) is retrieved and compared
* with the encoded form of this CRL entry.
*
@@ -178,7 +178,7 @@
* in the Reason Code extension of this CRL entry.
*
* @return the reason the certificate has been revoked, or
- * null if this CRL entry does not have
+ * {@code null} if this CRL entry does not have
* a Reason Code extension
* @since 1.7
*/
--- old/src/share/classes/java/security/cert/X509CRLSelector.java 2013-06-21 18:30:04.657762567 -0700
+++ new/src/share/classes/java/security/cert/X509CRLSelector.java 2013-06-21 18:30:04.501762570 -0700
@@ -37,18 +37,18 @@
import sun.security.x509.X500Name;
/**
- * A CRLSelector that selects X509CRLs that
+ * A {@code CRLSelector} that selects {@code X509CRLs} that
* match all specified criteria. This class is particularly useful when
- * selecting CRLs from a CertStore to check revocation status
+ * selecting CRLs from a {@code CertStore} to check revocation status
* of a particular certificate.
* X509CRLSelector has no criteria
- * enabled and each of the get methods return a default
- * value (null). Therefore, the {@link #match match} method
- * would return true for any X509CRL. Typically,
+ * When first constructed, an {@code X509CRLSelector} has no criteria
+ * enabled and each of the {@code get} methods return a default
+ * value ({@code null}). Therefore, the {@link #match match} method
+ * would return {@code true} for any {@code X509CRL}. Typically,
* several criteria are enabled (by calling {@link #setIssuers setIssuers}
* or {@link #setDateAndTime setDateAndTime}, for instance) and then the
- * X509CRLSelector is passed to
+ * {@code X509CRLSelector} is passed to
* {@link CertStore#getCRLs CertStore.getCRLs} or some similar
* method.
* X509CRLSelector. Initially, no criteria are set
- * so any X509CRL will match.
+ * Creates an {@code X509CRLSelector}. Initially, no criteria are set
+ * so any {@code X509CRL} will match.
*/
public X509CRLSelector() {}
/**
* Sets the issuerNames criterion. The issuer distinguished name in the
- * X509CRL must match at least one of the specified
- * distinguished names. If null, any issuer distinguished name
+ * {@code X509CRL} must match at least one of the specified
+ * distinguished names. If {@code null}, any issuer distinguished name
* will do.
* X509CRLs may contain.
+ * the complete set of issuer names which {@code X509CRLs} may contain.
* The specified value replaces the previous value for the issuerNames
* criterion.
* names parameter (if not null) is a
- * Collection of X500Principals.
+ * The {@code names} parameter (if not {@code null}) is a
+ * {@code Collection} of {@code X500Principal}s.
* names parameter can contain duplicate
+ * Note that the {@code names} parameter can contain duplicate
* distinguished names, but they may be removed from the
- * Collection of names returned by the
+ * {@code Collection} of names returned by the
* {@link #getIssuers getIssuers} method.
* Collection to
+ * Note that a copy is performed on the {@code Collection} to
* protect against subsequent modifications.
*
- * @param issuers a Collection of X500Principals
- * (or null)
+ * @param issuers a {@code Collection} of X500Principals
+ * (or {@code null})
* @see #getIssuers
* @since 1.5
*/
@@ -138,31 +138,31 @@
* this method. See {@link #addIssuerName(String)} for more information.
* X509CRL must match at least one of the specified
- * distinguished names. If null, any issuer distinguished name
+ * {@code X509CRL} must match at least one of the specified
+ * distinguished names. If {@code null}, any issuer distinguished name
* will do.
* X509CRLs may contain.
+ * the complete set of issuer names which {@code X509CRLs} may contain.
* The specified value replaces the previous value for the issuerNames
* criterion.
* names parameter (if not null) is a
- * Collection of names. Each name is a String
+ * The {@code names} parameter (if not {@code null}) is a
+ * {@code Collection} of names. Each name is a {@code String}
* or a byte array representing a distinguished name (in
* RFC 2253 or
- * ASN.1 DER encoded form, respectively). If null is supplied
+ * ASN.1 DER encoded form, respectively). If {@code null} is supplied
* as the value for this argument, no issuerNames check will be performed.
* names parameter can contain duplicate
+ * Note that the {@code names} parameter can contain duplicate
* distinguished names, but they may be removed from the
- * Collection of names returned by the
+ * {@code Collection} of names returned by the
* {@link #getIssuerNames getIssuerNames} method.
*
+ * }
*
+ * {@code
* Name ::= CHOICE {
* RDNSequence }
*
@@ -185,12 +185,12 @@
* universalString UniversalString (SIZE (1..MAX)),
* utf8String UTF8String (SIZE (1.. MAX)),
* bmpString BMPString (SIZE (1..MAX)) }
- * Collection to
+ * Note that a deep copy is performed on the {@code Collection} to
* protect against subsequent modifications.
*
- * @param names a Collection of names (or null)
+ * @param names a {@code Collection} of names (or {@code null})
* @throws IOException if a parsing error occurs
* @see #getIssuerNames
*/
@@ -208,11 +208,11 @@
/**
* Adds a name to the issuerNames criterion. The issuer distinguished
- * name in the X509CRL must match at least one of the specified
+ * name in the {@code X509CRL} must match at least one of the specified
* distinguished names.
* X509CRLs may contain. The specified name is added to
+ * which {@code X509CRLs} may contain. The specified name is added to
* any previous value for the issuerNames criterion.
* If the specified name is a duplicate, it may be ignored.
*
@@ -232,11 +232,11 @@
* names.
* X509CRL must match at least one of the specified
+ * name in the {@code X509CRL} must match at least one of the specified
* distinguished names.
* X509CRLs may contain. The specified name is added to
+ * which {@code X509CRLs} may contain. The specified name is added to
* any previous value for the issuerNames criterion.
* If the specified name is a duplicate, it may be ignored.
*
@@ -249,11 +249,11 @@
/**
* Adds a name to the issuerNames criterion. The issuer distinguished
- * name in the X509CRL must match at least one of the specified
+ * name in the {@code X509CRL} must match at least one of the specified
* distinguished names.
* X509CRLs may contain. The specified name is added to
+ * which {@code X509CRLs} may contain. The specified name is added to
* any previous value for the issuerNames criterion. If the specified name
* is a duplicate, it may be ignored.
* If a name is specified as a byte array, it should contain a single DER
@@ -279,7 +279,7 @@
/**
* A private method that adds a name (String or byte array) to the
* issuerNames criterion. The issuer distinguished
- * name in the X509CRL must match at least one of the specified
+ * name in the {@code X509CRL} must match at least one of the specified
* distinguished names.
*
* @param name the name in string or byte array form
@@ -301,11 +301,11 @@
* Clone and check an argument of the form passed to
* setIssuerNames. Throw an IOException if the argument is malformed.
*
- * @param names a Collection of names. Each entry is a
+ * @param names a {@code Collection} of names. Each entry is a
* String or a byte array (the name, in string or ASN.1
- * DER encoded form, respectively). null is
+ * DER encoded form, respectively). {@code null} is
* not an acceptable value.
- * @return a deep copy of the specified Collection
+ * @return a deep copy of the specified {@code Collection}
* @throws IOException if a parsing error occurs
*/
private static HashSet