--- old/src/share/classes/java/security/cert/X509Certificate.java 2013-06-21 18:30:05.629762547 -0700 +++ new/src/share/classes/java/security/cert/X509Certificate.java 2013-06-21 18:30:05.469762551 -0700 @@ -66,7 +66,7 @@ * RFC 3280: Internet X.509 * Public Key Infrastructure Certificate and CRL Profile. *
- * The ASN.1 definition of tbsCertificate
is:
+ * The ASN.1 definition of {@code tbsCertificate} is:
*
* TBSCertificate ::= SEQUENCE { * version [0] EXPLICIT Version DEFAULT v1, @@ -151,9 +151,9 @@ * is valid at that date/time. * * @exception CertificateExpiredException if the certificate has expired - * with respect to thedate
supplied. + * with respect to the {@code date} supplied. * @exception CertificateNotYetValidException if the certificate is not - * yet valid with respect to thedate
supplied. + * yet valid with respect to the {@code date} supplied. * * @see #checkValidity() */ @@ -161,7 +161,7 @@ throws CertificateExpiredException, CertificateNotYetValidException; /** - * Gets theversion
(version number) value from the + * Gets the {@code version} (version number) value from the * certificate. * The ASN.1 definition for this is: *@@ -173,7 +173,7 @@ public abstract int getVersion(); /** - * Gets the- * TheserialNumber
value from the certificate. + * Gets the {@code serialNumber} value from the certificate. * The serial number is an integer assigned by the certification * authority to each certificate. It must be unique for each * certificate issued by a given CA (i.e., the issuer name and @@ -191,12 +191,12 @@ /** * Denigrated, replaced by {@linkplain - * #getIssuerX500Principal()}. This method returns theissuer
+ * #getIssuerX500Principal()}. This method returns the {@code issuer} * as an implementation specific Principal object, which should not be * relied upon by portable code. * *- * Gets the
issuer
(issuer distinguished name) value from + * Gets the {@code issuer} (issuer distinguished name) value from * the certificate. The issuer name identifies the entity that signed (and * issued) the certificate. * @@ -217,14 +217,14 @@ * AttributeType ::= OBJECT IDENTIFIER * AttributeValue ::= ANY *Name
describes a hierarchical name composed of + * The {@code Name} describes a hierarchical name composed of * attributes, * such as country name, and corresponding values, such as US. - * The type of theAttributeValue
component is determined by - * theAttributeType
; in general it will be a - *directoryString
. AdirectoryString
is usually - * one ofPrintableString
, - *TeletexString
orUniversalString
. + * The type of the {@code AttributeValue} component is determined by + * the {@code AttributeType}; in general it will be a + * {@code directoryString}. A {@code directoryString} is usually + * one of {@code PrintableString}, + * {@code TeletexString} or {@code UniversalString}. * * @return a Principal whose name is the issuer distinguished name. */ @@ -232,11 +232,11 @@ /** * Returns the issuer (issuer distinguished name) value from the - * certificate as anX500Principal
. + * certificate as an {@code X500Principal}. ** It is recommended that subclasses override this method. * - * @return an
X500Principal
representing the issuer + * @return an {@code X500Principal} representing the issuer * distinguished name * @since 1.4 */ @@ -249,22 +249,22 @@ /** * Denigrated, replaced by {@linkplain - * #getSubjectX500Principal()}. This method returns thesubject
+ * #getSubjectX500Principal()}. This method returns the {@code subject} * as an implementation specific Principal object, which should not be * relied upon by portable code. * *- * Gets the
subject
(subject distinguished name) value - * from the certificate. If thesubject
value is empty, - * then thegetName()
method of the returned - *Principal
object returns an empty string (""). + * Gets the {@code subject} (subject distinguished name) value + * from the certificate. If the {@code subject} value is empty, + * then the {@code getName()} method of the returned + * {@code Principal} object returns an empty string (""). * *The ASN.1 definition for this is: *
* subject Name ** - *See {@link #getIssuerDN() getIssuerDN} for
Name
+ *See {@link #getIssuerDN() getIssuerDN} for {@code Name} * and other relevant definitions. * * @return a Principal whose name is the subject name. @@ -273,13 +273,13 @@ /** * Returns the subject (subject distinguished name) value from the - * certificate as an
X500Principal
. If the subject value - * is empty, then thegetName()
method of the returned - *X500Principal
object returns an empty string (""). + * certificate as an {@code X500Principal}. If the subject value + * is empty, then the {@code getName()} method of the returned + * {@code X500Principal} object returns an empty string (""). ** It is recommended that subclasses override this method. * - * @return an
X500Principal
representing the subject + * @return an {@code X500Principal} representing the subject * distinguished name * @since 1.4 */ @@ -291,7 +291,7 @@ } /** - * Gets thenotBefore
date from the validity period of + * Gets the {@code notBefore} date from the validity period of * the certificate. * The relevant ASN.1 definitions are: *@@ -311,7 +311,7 @@ public abstract Date getNotBefore(); /** - * Gets thenotAfter
date from the validity period of + * Gets the {@code notAfter} date from the validity period of * the certificate. See {@link #getNotBefore() getNotBefore} * for relevant ASN.1 definitions. * @@ -322,7 +322,7 @@ /** * Gets the DER-encoded certificate information, the - *tbsCertificate
from this certificate. + * {@code tbsCertificate} from this certificate. * This can be used to verify the signature independently. * * @return the DER-encoded certificate information. @@ -332,7 +332,7 @@ throws CertificateEncodingException; /** - * Gets thesignature
value (the raw signature bits) from + * Gets the {@code signature} value (the raw signature bits) from * the certificate. * The ASN.1 definition for this is: *@@ -357,7 +357,7 @@ * -- algorithm object identifier value ** - *The algorithm name is determined from the
algorithm
+ *The algorithm name is determined from the {@code algorithm} * OID string. * * @return the signature algorithm name. @@ -400,7 +400,7 @@ public abstract byte[] getSigAlgParams(); /** - * Gets the
issuerUniqueID
value from the certificate. + * Gets the {@code issuerUniqueID} value from the certificate. * The issuer unique identifier is present in the certificate * to handle the possibility of reuse of issuer names over time. * RFC 3280 recommends that names not be reused and that @@ -420,7 +420,7 @@ public abstract boolean[] getIssuerUniqueID(); /** - * Gets thesubjectUniqueID
value from the certificate. + * Gets the {@code subjectUniqueID} value from the certificate. * *The ASN.1 definition for this is: *
@@ -435,7 +435,7 @@ /** * Gets a boolean array representing bits of - * the* - * @return the value ofKeyUsage
extension, (OID = 2.5.29.15). + * the {@code KeyUsage} extension, (OID = 2.5.29.15). * The key usage extension defines the purpose (e.g., encipherment, * signature, certificate signing) of the key contained in the * certificate. @@ -467,7 +467,7 @@ /** * Gets an unmodifiable list of Strings representing the OBJECT - * IDENTIFIERs of theExtKeyUsageSyntax
field of the + * IDENTIFIERs of the {@code ExtKeyUsageSyntax} field of the * extended key usage extension, (OID = 2.5.29.37). It indicates * one or more purposes for which the certified public key may be * used, in addition to or in place of the basic purposes @@ -486,7 +486,7 @@ ** This method was added to version 1.4 of the Java 2 Platform Standard * Edition. In order to maintain backwards compatibility with existing - * service providers, this method is not
abstract
+ * service providers, this method is not {@code abstract} * and it provides a default implementation. Subclasses * should override this method with a correct implementation. * @@ -503,13 +503,13 @@ /** * Gets the certificate constraints path length from the - * criticalBasicConstraints
extension, (OID = 2.5.29.19). + * critical {@code BasicConstraints} extension, (OID = 2.5.29.19). ** The basic constraints extension identifies whether the subject * of the certificate is a Certificate Authority (CA) and * how deep a certification path may exist through that CA. The - *
pathLenConstraint
field (see below) is meaningful - * only ifcA
is set to TRUE. In this case, it gives the + * {@code pathLenConstraint} field (see below) is meaningful + * only if {@code cA} is set to TRUE. In this case, it gives the * maximum number of CA certificates that may follow this certificate in a * certification path. A value of zero indicates that only an end-entity * certificate may follow in the path. @@ -521,21 +521,21 @@ * pathLenConstraint INTEGER (0..MAX) OPTIONAL } *pathLenConstraint
if the + * @return the value of {@code pathLenConstraint} if the * BasicConstraints extension is present in the certificate and the * subject of the certificate is a CA, otherwise -1. * If the subject of the certificate is a CA and - *pathLenConstraint
does not appear, - *Integer.MAX_VALUE
is returned to indicate that there is no + * {@code pathLenConstraint} does not appear, + * {@code Integer.MAX_VALUE} is returned to indicate that there is no * limit to the allowed length of the certification path. */ public abstract int getBasicConstraints(); /** * Gets an immutable collection of subject alternative names from the - *SubjectAltName
extension, (OID = 2.5.29.17). + * {@code SubjectAltName} extension, (OID = 2.5.29.17). *- * The ASN.1 definition of the
SubjectAltName
extension is: + * The ASN.1 definition of the {@code SubjectAltName} extension is: ** SubjectAltName ::= GeneralNames * @@ -553,23 +553,23 @@ * registeredID [8] OBJECT IDENTIFIER} **- * If this certificate does not contain a
SubjectAltName
- * extension,null
is returned. Otherwise, a - *Collection
is returned with an entry representing each - *GeneralName
included in the extension. Each entry is a - *List
whose first entry is anInteger
- * (the name type, 0-8) and whose second entry is aString
+ * If this certificate does not contain a {@code SubjectAltName} + * extension, {@code null} is returned. Otherwise, a + * {@code Collection} is returned with an entry representing each + * {@code GeneralName} included in the extension. Each entry is a + * {@code List} whose first entry is an {@code Integer} + * (the name type, 0-8) and whose second entry is a {@code String} * or a byte array (the name, in string or ASN.1 DER encoded form, * respectively). ** RFC 822, DNS, and URI - * names are returned as
String
s, + * names are returned as {@code String}s, * using the well-established string formats for those types (subject to * the restrictions included in RFC 3280). IPv4 address names are * returned using dotted quad notation. IPv6 address names are returned * in the form "a1:a2:...:a8", where a1-a8 are hexadecimal values * representing the eight 16-bit pieces of the address. OID names are - * returned asString
s represented as a series of nonnegative + * returned as {@code String}s represented as a series of nonnegative * integers separated by periods. And directory names (distinguished names) * are returned in * RFC 2253 string format. No standard string format is @@ -577,19 +577,19 @@ * other type of names. They are returned as byte arrays * containing the ASN.1 DER encoded form of the name. *- * Note that the
Collection
returned may contain more + * Note that the {@code Collection} returned may contain more * than one name of the same type. Also, note that the returned - *Collection
is immutable and any entries containing byte + * {@code Collection} is immutable and any entries containing byte * arrays are cloned to protect against subsequent modifications. ** This method was added to version 1.4 of the Java 2 Platform Standard * Edition. In order to maintain backwards compatibility with existing - * service providers, this method is not
abstract
+ * service providers, this method is not {@code abstract} * and it provides a default implementation. Subclasses * should override this method with a correct implementation. * - * @return an immutableCollection
of subject alternative - * names (ornull
) + * @return an immutable {@code Collection} of subject alternative + * names (or {@code null}) * @throws CertificateParsingException if the extension cannot be decoded * @since 1.4 */ @@ -600,38 +600,38 @@ /** * Gets an immutable collection of issuer alternative names from the - *IssuerAltName
extension, (OID = 2.5.29.18). + * {@code IssuerAltName} extension, (OID = 2.5.29.18). *- * The ASN.1 definition of the
IssuerAltName
extension is: + * The ASN.1 definition of the {@code IssuerAltName} extension is: ** IssuerAltName ::= GeneralNames *- * The ASN.1 definition ofGeneralNames
is defined + * The ASN.1 definition of {@code GeneralNames} is defined * in {@link #getSubjectAlternativeNames getSubjectAlternativeNames}. *- * If this certificate does not contain an
IssuerAltName
- * extension,null
is returned. Otherwise, a - *Collection
is returned with an entry representing each - *GeneralName
included in the extension. Each entry is a - *List
whose first entry is anInteger
- * (the name type, 0-8) and whose second entry is aString
+ * If this certificate does not contain an {@code IssuerAltName} + * extension, {@code null} is returned. Otherwise, a + * {@code Collection} is returned with an entry representing each + * {@code GeneralName} included in the extension. Each entry is a + * {@code List} whose first entry is an {@code Integer} + * (the name type, 0-8) and whose second entry is a {@code String} * or a byte array (the name, in string or ASN.1 DER encoded form, * respectively). For more details about the formats used for each - * name type, see thegetSubjectAlternativeNames
method. + * name type, see the {@code getSubjectAlternativeNames} method. *- * Note that the
Collection
returned may contain more + * Note that the {@code Collection} returned may contain more * than one name of the same type. Also, note that the returned - *Collection
is immutable and any entries containing byte + * {@code Collection} is immutable and any entries containing byte * arrays are cloned to protect against subsequent modifications. ** This method was added to version 1.4 of the Java 2 Platform Standard * Edition. In order to maintain backwards compatibility with existing - * service providers, this method is not
abstract
+ * service providers, this method is not {@code abstract} * and it provides a default implementation. Subclasses * should override this method with a correct implementation. * - * @return an immutableCollection
of issuer alternative - * names (ornull
) + * @return an immutable {@code Collection} of issuer alternative + * names (or {@code null}) * @throws CertificateParsingException if the extension cannot be decoded * @since 1.4 */ @@ -649,7 +649,7 @@ * * This method was added to version 1.8 of the Java Platform Standard * Edition. In order to maintain backwards compatibility with existing - * service providers, this method is notabstract
+ * service providers, this method is not {@code abstract} * and it provides a default implementation. * * @param key the PublicKey used to carry out the verification.