[8] Request for Review: 8022461: Fix lint warnings in sun.security.{provider, rsa, x509}
Weijun Wang
weijun.wang at oracle.com
Wed Aug 7 23:49:14 UTC 2013
On 8/8/13 7:13 AM, Jason Uh wrote:
> On 8/6/13 6:30 PM, Weijun Wang wrote:
>> One question:
>>
>> In src/share/classes/sun/security/x509/X509Key.java, two fields are now
>> not recommended:
>>
>> @Deprecated
>> protected byte[] key = null;
>>
>> /*
>> * The number of bits unused in the last byte of the key.
>> * Added to keep the byte[] key form consistent with the BitArray
>> * form. Can de deleted when byte[] key is deleted.
>> */
>> private int unusedBits = 0;
>>
>> I understand that key should be marked @Deprecated because it's
>> protected and therefore part of (although private) API, but what about
>> unusedBits? Is it better to also mark it @Deprecated?
>
> I see what you mean. But is it OK to mark private members @Deprecated? I
> don't know if that violates convention or not. Let me know if you'd like
> me to add that, and I'll include it in this change.
According to JLS [1], there is no restriction on the scope of the method
when applying @Deprecated. I think the reason we seldom see @Deprecated
on a private field/method is that we can just remove it without
affecting other classes, but in this case, the getArray() method shows
it's not very simple.
I suggest you add it.
Thanks
Max
[1] http://docs.oracle.com/javase/specs/jls/se7/html/jls-9.html#jls-9.6.3.6
>
> Thanks,
> Jason
>
>> Thanks
>> Max
>>
>> On 8/7/13 7:51 AM, Joe Darcy wrote:
>>> Hi Jason,
>>>
>>> Looks fine to me, but a security reviewer should approve as well.
>>>
>>> Thanks,
>>>
>>> -Joe
>>>
>>> On 08/06/2013 04:46 PM, Jason Uh wrote:
>>>> Joe, Sean,
>>>>
>>>> Could I please get a review of this changeset? This change fixes
>>>> deprecation warnings in:
>>>> sun.security.provider
>>>> sun.security.rsa
>>>> sun.security.x509
>>>>
>>>> In sun.security.provider and sun.security.rsa, I change the use of
>>>> sun.security.x509.X509Key's key bytes to the BitArray form of the key.
>>>>
>>>> Webrev: http://cr.openjdk.java.net/~juh/8022461/webrev.00/
>>>>
>>>> Thanks,
>>>> Jason
>>>
>
More information about the security-dev
mailing list