[8] Request for Review: 8022461: Fix lint warnings in sun.security.{provider, rsa, x509}
Jason Uh
jason.uh at oracle.com
Thu Aug 8 23:19:38 UTC 2013
On 08/07/2013 04:49 PM, Weijun Wang wrote:
>
>
> On 8/8/13 7:13 AM, Jason Uh wrote:
>> On 8/6/13 6:30 PM, Weijun Wang wrote:
>>> One question:
>>>
>>> In src/share/classes/sun/security/x509/X509Key.java, two fields are now
>>> not recommended:
>>>
>>> @Deprecated
>>> protected byte[] key = null;
>>>
>>> /*
>>> * The number of bits unused in the last byte of the key.
>>> * Added to keep the byte[] key form consistent with the BitArray
>>> * form. Can de deleted when byte[] key is deleted.
>>> */
>>> private int unusedBits = 0;
>>>
>>> I understand that key should be marked @Deprecated because it's
>>> protected and therefore part of (although private) API, but what about
>>> unusedBits? Is it better to also mark it @Deprecated?
>>
>> I see what you mean. But is it OK to mark private members @Deprecated? I
>> don't know if that violates convention or not. Let me know if you'd like
>> me to add that, and I'll include it in this change.
>
> According to JLS [1], there is no restriction on the scope of the method
> when applying @Deprecated. I think the reason we seldom see @Deprecated
> on a private field/method is that we can just remove it without
> affecting other classes, but in this case, the getArray() method shows
> it's not very simple.
>
> I suggest you add it.
Thanks, Max. I'll push with the change
* Added to keep the byte[] key form consistent with the BitArray
* form. Can de deleted when byte[] key is deleted.
*/
+ @Deprecated
private int unusedBits = 0;
in sun/security/x509/X509Key.java included in this fix.
Jason
> Thanks
> Max
>
> [1] http://docs.oracle.com/javase/specs/jls/se7/html/jls-9.html#jls-9.6.3.6
>
>>
>> Thanks,
>> Jason
>>
>>> Thanks
>>> Max
>>>
>>> On 8/7/13 7:51 AM, Joe Darcy wrote:
>>>> Hi Jason,
>>>>
>>>> Looks fine to me, but a security reviewer should approve as well.
>>>>
>>>> Thanks,
>>>>
>>>> -Joe
>>>>
>>>> On 08/06/2013 04:46 PM, Jason Uh wrote:
>>>>> Joe, Sean,
>>>>>
>>>>> Could I please get a review of this changeset? This change fixes
>>>>> deprecation warnings in:
>>>>> sun.security.provider
>>>>> sun.security.rsa
>>>>> sun.security.x509
>>>>>
>>>>> In sun.security.provider and sun.security.rsa, I change the use of
>>>>> sun.security.x509.X509Key's key bytes to the BitArray form of the key.
>>>>>
>>>>> Webrev: http://cr.openjdk.java.net/~juh/8022461/webrev.00/
>>>>>
>>>>> Thanks,
>>>>> Jason
>>>>
>>
More information about the security-dev
mailing list