[8] Request for Review: 8022461: Fix lint warnings in sun.security.{provider, rsa, x509}

Weijun Wang weijun.wang at oracle.com
Wed Aug 7 16:49:14 PDT 2013



On 8/8/13 7:13 AM, Jason Uh wrote:
> On 8/6/13 6:30 PM, Weijun Wang wrote:
>> One question:
>>
>> In src/share/classes/sun/security/x509/X509Key.java, two fields are now
>> not recommended:
>>
>>      @Deprecated
>>      protected byte[] key = null;
>>
>>      /*
>>       * The number of bits unused in the last byte of the key.
>>       * Added to keep the byte[] key form consistent with the BitArray
>>       * form. Can de deleted when byte[] key is deleted.
>>       */
>>      private int unusedBits = 0;
>>
>> I understand that key should be marked @Deprecated because it's
>> protected and therefore part of (although private) API, but what about
>> unusedBits? Is it better to also mark it @Deprecated?
>
> I see what you mean. But is it OK to mark private members @Deprecated? I
> don't know if that violates convention or not. Let me know if you'd like
> me to add that, and I'll include it in this change.

According to JLS [1], there is no restriction on the scope of the method 
when applying @Deprecated. I think the reason we seldom see @Deprecated 
on a private field/method is that we can just remove it without 
affecting other classes, but in this case, the getArray() method shows 
it's not very simple.

I suggest you add it.

Thanks
Max

[1] http://docs.oracle.com/javase/specs/jls/se7/html/jls-9.html#jls-9.6.3.6

>
> Thanks,
> Jason
>
>> Thanks
>> Max
>>
>> On 8/7/13 7:51 AM, Joe Darcy wrote:
>>> Hi Jason,
>>>
>>> Looks fine to me, but a security reviewer should approve as well.
>>>
>>> Thanks,
>>>
>>> -Joe
>>>
>>> On 08/06/2013 04:46 PM, Jason Uh wrote:
>>>> Joe, Sean,
>>>>
>>>> Could I please get a review of this changeset? This change fixes
>>>> deprecation warnings in:
>>>>  sun.security.provider
>>>>  sun.security.rsa
>>>>  sun.security.x509
>>>>
>>>> In sun.security.provider and sun.security.rsa, I change the use of
>>>> sun.security.x509.X509Key's key bytes to the BitArray form of the key.
>>>>
>>>> Webrev: http://cr.openjdk.java.net/~juh/8022461/webrev.00/
>>>>
>>>> Thanks,
>>>> Jason
>>>
>


More information about the security-dev mailing list