[8] Request for Review: 8022461: Fix lint warnings in sun.security.{provider, rsa, x509}

Jason Uh jason.uh at oracle.com
Thu Aug 8 23:19:38 UTC 2013



On 08/07/2013 04:49 PM, Weijun Wang wrote:
>
>
> On 8/8/13 7:13 AM, Jason Uh wrote:
>> On 8/6/13 6:30 PM, Weijun Wang wrote:
>>> One question:
>>>
>>> In src/share/classes/sun/security/x509/X509Key.java, two fields are now
>>> not recommended:
>>>
>>>      @Deprecated
>>>      protected byte[] key = null;
>>>
>>>      /*
>>>       * The number of bits unused in the last byte of the key.
>>>       * Added to keep the byte[] key form consistent with the BitArray
>>>       * form. Can de deleted when byte[] key is deleted.
>>>       */
>>>      private int unusedBits = 0;
>>>
>>> I understand that key should be marked @Deprecated because it's
>>> protected and therefore part of (although private) API, but what about
>>> unusedBits? Is it better to also mark it @Deprecated?
>>
>> I see what you mean. But is it OK to mark private members @Deprecated? I
>> don't know if that violates convention or not. Let me know if you'd like
>> me to add that, and I'll include it in this change.
>
> According to JLS [1], there is no restriction on the scope of the method
> when applying @Deprecated. I think the reason we seldom see @Deprecated
> on a private field/method is that we can just remove it without
> affecting other classes, but in this case, the getArray() method shows
> it's not very simple.
>
> I suggest you add it.

Thanks, Max. I'll push with the change

       * Added to keep the byte[] key form consistent with the BitArray
       * form. Can de deleted when byte[] key is deleted.
       */
+    @Deprecated
      private int unusedBits = 0;

in sun/security/x509/X509Key.java included in this fix.

Jason

> Thanks
> Max
>
> [1] http://docs.oracle.com/javase/specs/jls/se7/html/jls-9.html#jls-9.6.3.6
>
>>
>> Thanks,
>> Jason
>>
>>> Thanks
>>> Max
>>>
>>> On 8/7/13 7:51 AM, Joe Darcy wrote:
>>>> Hi Jason,
>>>>
>>>> Looks fine to me, but a security reviewer should approve as well.
>>>>
>>>> Thanks,
>>>>
>>>> -Joe
>>>>
>>>> On 08/06/2013 04:46 PM, Jason Uh wrote:
>>>>> Joe, Sean,
>>>>>
>>>>> Could I please get a review of this changeset? This change fixes
>>>>> deprecation warnings in:
>>>>>  sun.security.provider
>>>>>  sun.security.rsa
>>>>>  sun.security.x509
>>>>>
>>>>> In sun.security.provider and sun.security.rsa, I change the use of
>>>>> sun.security.x509.X509Key's key bytes to the BitArray form of the key.
>>>>>
>>>>> Webrev: http://cr.openjdk.java.net/~juh/8022461/webrev.00/
>>>>>
>>>>> Thanks,
>>>>> Jason
>>>>
>>



More information about the security-dev mailing list