JDK 8 RFR of 8029475 Fix more doclint issues in javax.security

Jason Uh jason.uh at oracle.com
Tue Dec 3 11:07:14 PST 2013


Thanks for fixing these, Joe! The changes look good.

Jason

On 12/03/2013 09:40 AM, Joe Darcy wrote:
> Hello,
>
> Please review my fixes for
>
>          JDK-8029475 Fix more doclint issues in javax.security
>          http://cr.openjdk.java.net/~darcy/8029475.0/
>
> Changes also in-line below.
>
> Thanks,
>
> -Joe
>
> diff -r c11553506228 src/share/classes/javax/crypto/Cipher.java
> --- a/src/share/classes/javax/crypto/Cipher.java    Tue Dec 03 08:53:23
> 2013 +0100
> +++ b/src/share/classes/javax/crypto/Cipher.java    Tue Dec 03 09:39:20
> 2013 -0800
> @@ -62,17 +62,17 @@
>    * algorithm (e.g., <i>DES</i>), and may be followed by a feedback
> mode and
>    * padding scheme.
>    *
> - * <p> A transformation is of the form:<p>
> + * <p> A transformation is of the form:
>    *
>    * <ul>
>    * <li>"<i>algorithm/mode/padding</i>" or
> - * <p>
> + *
>    * <li>"<i>algorithm</i>"
>    * </ul>
>    *
>    * <P> (in the latter case,
>    * provider-specific default values for the mode and padding scheme
> are used).
> - * For example, the following is a valid transformation:<p>
> + * For example, the following is a valid transformation:
>    *
>    * <pre>
>    *     Cipher c = Cipher.getInstance("<i>DES/CBC/PKCS5Padding</i>");
> diff -r c11553506228 src/share/classes/javax/crypto/CipherSpi.java
> --- a/src/share/classes/javax/crypto/CipherSpi.java    Tue Dec 03
> 08:53:23 2013 +0100
> +++ b/src/share/classes/javax/crypto/CipherSpi.java    Tue Dec 03
> 09:39:20 2013 -0800
> @@ -62,17 +62,17 @@
>    * algorithm (e.g., <i>DES</i>), and may be followed by a feedback
> mode and
>    * padding scheme.
>    *
> - * <p> A transformation is of the form:<p>
> + * <p> A transformation is of the form:
>    *
>    * <ul>
>    * <li>"<i>algorithm/mode/padding</i>" or
> - * <p>
> + *
>    * <li>"<i>algorithm</i>"
>    * </ul>
>    *
>    * <P> (in the latter case,
>    * provider-specific default values for the mode and padding scheme
> are used).
> - * For example, the following is a valid transformation:<p>
> + * For example, the following is a valid transformation:
>    *
>    * <pre>
>    *     Cipher c = Cipher.getInstance("<i>DES/CBC/PKCS5Padding</i>");
> @@ -129,7 +129,7 @@
>    * <i>DES/CBC/PKCS5Padding</i>, one that implements
>    * <i>DES/CFB/PKCS5Padding</i>, and yet another one that implements
>    * <i>DES/OFB/PKCS5Padding</i>. That provider would have the following
> - * <code>Cipher</code> properties in its master class:<p>
> + * <code>Cipher</code> properties in its master class:
>    *
>    * <ul>
>    *
> @@ -160,7 +160,7 @@
>    * and one for <i>OFB</i>), one class for <i>PKCS5Padding</i>,
>    * and a generic <i>DES</i> class that subclasses from
> <code>CipherSpi</code>.
>    * That provider would have the following
> - * <code>Cipher</code> properties in its master class:<p>
> + * <code>Cipher</code> properties in its master class:
>    *
>    * <ul>
>    *
> @@ -197,20 +197,20 @@
>    * Check if the provider has registered a subclass of
> <code>CipherSpi</code>
>    * for the specified "<i>algorithm/mode/padding</i>" transformation.
>    * <p>If the answer is YES, instantiate it.
> - * <p>If the answer is NO, go to the next step.<p>
> + * <p>If the answer is NO, go to the next step.
>    * <li>
>    * Check if the provider has registered a subclass of
> <code>CipherSpi</code>
>    * for the sub-transformation "<i>algorithm/mode</i>".
>    * <p>If the answer is YES, instantiate it, and call
>    * <code>engineSetPadding(<i>padding</i>)</code> on the new instance.
> - * <p>If the answer is NO, go to the next step.<p>
> + * <p>If the answer is NO, go to the next step.
>    * <li>
>    * Check if the provider has registered a subclass of
> <code>CipherSpi</code>
>    * for the sub-transformation "<i>algorithm//padding</i>" (note the
> double
>    * slashes).
>    * <p>If the answer is YES, instantiate it, and call
>    * <code>engineSetMode(<i>mode</i>)</code> on the new instance.
> - * <p>If the answer is NO, go to the next step.<p>
> + * <p>If the answer is NO, go to the next step.
>    * <li>
>    * Check if the provider has registered a subclass of
> <code>CipherSpi</code>
>    * for the sub-transformation "<i>algorithm</i>".
> diff -r c11553506228 src/share/classes/javax/crypto/KeyGenerator.java
> --- a/src/share/classes/javax/crypto/KeyGenerator.java    Tue Dec 03
> 08:53:23 2013 +0100
> +++ b/src/share/classes/javax/crypto/KeyGenerator.java    Tue Dec 03
> 09:39:20 2013 -0800
> @@ -66,7 +66,6 @@
>    * algorithm-independent <code>init</code> methods, it is up to the
>    * provider what to do about the algorithm-specific parameters (if
> any) to be
>    * associated with each of the keys.
> - * <p>
>    *
>    * <li><b>Algorithm-Specific Initialization</b>
>    * <p>For situations where a set of algorithm-specific parameters already
> diff -r c11553506228 src/share/classes/javax/crypto/SealedObject.java
> --- a/src/share/classes/javax/crypto/SealedObject.java    Tue Dec 03
> 08:53:23 2013 +0100
> +++ b/src/share/classes/javax/crypto/SealedObject.java    Tue Dec 03
> 09:39:20 2013 -0800
> @@ -1,5 +1,5 @@
>   /*
> - * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights
> reserved.
> + * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights
> reserved.
>    * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
>    *
>    * This code is free software; you can redistribute it and/or modify it
> @@ -50,7 +50,7 @@
>    * to a SealedObject.
>    *
>    * <p> The original object that was sealed can be recovered in two
> different
> - * ways: <p>
> + * ways:
>    *
>    * <ul>
>    *
> @@ -68,8 +68,6 @@
>    * decryption key, it could hand over the cipher object to
>    * another party who then unseals the sealed object.
>    *
> - * <p>
> - *
>    * <li>by using one of the
>    * {@link #getObject(java.security.Key) getObject} methods
>    * that take a <code>Key</code> object.
> diff -r c11553506228 src/share/classes/javax/net/ssl/SSLEngine.java
> --- a/src/share/classes/javax/net/ssl/SSLEngine.java    Tue Dec 03
> 08:53:23 2013 +0100
> +++ b/src/share/classes/javax/net/ssl/SSLEngine.java    Tue Dec 03
> 09:39:20 2013 -0800
> @@ -1,5 +1,5 @@
>   /*
> - * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights
> reserved.
> + * Copyright (c) 2003, 2013, Oracle and/or its affiliates. All rights
> reserved.
>    * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
>    *
>    * This code is free software; you can redistribute it and/or modify it
> @@ -329,7 +329,7 @@
>    * is saved.  All future delegated tasks will be processed using this
>    * context:  that is, all access control decisions will be made using the
>    * context captured at engine creation.
> - * <P>
> + *
>    * <HR>
>    *
>    * <B>Concurrency Notes</B>:
> @@ -345,7 +345,7 @@
>    *      out-of-order, unexpected or fatal results may occur.
>    * <P>
>    *      For example:
> - * <P>
> + *
>    *      <pre>
>    *              synchronized (outboundLock) {
>    *                  sslEngine.wrap(src, dst);
> diff -r c11553506228 src/share/classes/javax/net/ssl/SSLPermission.java
> --- a/src/share/classes/javax/net/ssl/SSLPermission.java    Tue Dec 03
> 08:53:23 2013 +0100
> +++ b/src/share/classes/javax/net/ssl/SSLPermission.java    Tue Dec 03
> 09:39:20 2013 -0800
> @@ -1,5 +1,5 @@
>   /*
> - * Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights
> reserved.
> + * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights
> reserved.
>    * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
>    *
>    * This code is free software; you can redistribute it and/or modify it
> @@ -43,7 +43,6 @@
>    * The following table lists all the possible SSLPermission target names,
>    * and for each provides a description of what the permission allows
>    * and a discussion of the risks of granting code the permission.
> - * <P>
>    *
>    * <table border=1 cellpadding=5
>    *  summary="permission name, what it allows, and associated risks">
> diff -r c11553506228
> src/share/classes/javax/security/auth/PrivateCredentialPermission.java
> ---
> a/src/share/classes/javax/security/auth/PrivateCredentialPermission.java
> Tue Dec 03 08:53:23 2013 +0100
> +++
> b/src/share/classes/javax/security/auth/PrivateCredentialPermission.java
> Tue Dec 03 09:39:20 2013 -0800
> @@ -228,8 +228,8 @@
>        * <p>
>        *
>        * This method returns true if:
> -     * <p><ul>
> -     * <li> <i>p</i> is an instanceof PrivateCredentialPermission and <p>
> +     * <ul>
> +     * <li> <i>p</i> is an instanceof PrivateCredentialPermission and
>        * <li> the target name for <i>p</i> is implied by this object's
>        *          target name.  For example:
>        * <pre>
> diff -r c11553506228
> src/share/classes/javax/security/auth/kerberos/DelegationPermission.java
> ---
> a/src/share/classes/javax/security/auth/kerberos/DelegationPermission.java
> Tue Dec 03 08:53:23 2013 +0100
> +++
> b/src/share/classes/javax/security/auth/kerberos/DelegationPermission.java
> Tue Dec 03 09:39:20 2013 -0800
> @@ -48,14 +48,14 @@
>    * <p>
>    * For example, to specify the "host" service use of a forwardable TGT
> the
>    * target permission is specified as follows:
> - * <p>
> + *
>    * <pre>
>    *  DelegationPermission("\"host/foo.example.com at EXAMPLE.COM\"
> \"krbtgt/EXAMPLE.COM at EXAMPLE.COM\"");
>    * </pre>
>    * <p>
>    * To give the "backup" service a proxiable nfs service ticket the
> target permission
>    * might be specified:
> - * <p>
> + *
>    * <pre>
>    *  DelegationPermission("\"backup/bar.example.com at EXAMPLE.COM\"
> \"nfs/home.EXAMPLE.COM at EXAMPLE.COM\"");
>    * </pre>
> diff -r c11553506228
> src/share/classes/javax/security/auth/kerberos/ServicePermission.java
> ---
> a/src/share/classes/javax/security/auth/kerberos/ServicePermission.java
> Tue Dec 03 08:53:23 2013 +0100
> +++
> b/src/share/classes/javax/security/auth/kerberos/ServicePermission.java
> Tue Dec 03 09:39:20 2013 -0800
> @@ -62,7 +62,7 @@
>    * Authentication Service exchange.
>    * <p>
>    * The possible actions are:
> - * <p>
> + *
>    * <pre>
>    *    initiate -              allow the caller to use the credential to
>    *                            initiate a security context with a service
> @@ -75,7 +75,7 @@
>    *
>    * For example, to specify the permission to access to the TGT to
>    * initiate a security context the permission is constructed as follows:
> - * <p>
> + *
>    * <pre>
>    *     ServicePermission("krbtgt/EXAMPLE.COM at EXAMPLE.COM", "initiate");
>    * </pre>
> @@ -89,7 +89,7 @@
>    * For a Kerberized server the action is "accept". For example, the
> permission
>    * necessary to access and use the secret key of the  Kerberized "host"
>    * service (telnet and the likes)  would be constructed as follows:
> - * <p>
> + *
>    * <pre>
>    *     ServicePermission("host/foo.example.com at EXAMPLE.COM", "accept");
>    * </pre>
> diff -r c11553506228
> src/share/classes/javax/security/auth/login/LoginContext.java
> --- a/src/share/classes/javax/security/auth/login/LoginContext.java Tue
> Dec 03 08:53:23 2013 +0100
> +++ b/src/share/classes/javax/security/auth/login/LoginContext.java Tue
> Dec 03 09:39:20 2013 -0800
> @@ -101,11 +101,11 @@
>    * <li> If the constructor has a Subject
>    * input parameter, the LoginContext uses the caller-specified
>    * Subject object.
> - * <p>
> + *
>    * <li> If the caller specifies a {@code null} Subject
>    * and a {@code null} value is permitted,
>    * the LoginContext instantiates a new Subject.
> - * <p>
> + *
>    * <li> If the constructor does <b>not</b> have a Subject
>    * input parameter, the LoginContext instantiates a new Subject.
>    * <p>
> @@ -132,7 +132,7 @@
>    * {@code getAppConfigurationEntry} with the name, "<i>other</i>"
>    * (the default entry name).  If there is no entry for "<i>other</i>",
>    * then a {@code LoginException} is thrown.
> - * <p>
> + *
>    * <li> When LoginContext uses the installed Configuration, the caller
>    * requires the createLoginContext.<em>name</em> and possibly
>    * createLoginContext.other AuthPermissions. Furthermore, the
> @@ -141,7 +141,7 @@
>    * perform security-sensitive tasks (such as connecting to remote hosts,
>    * and updating the Subject) will require the respective permissions, but
>    * the callers of the LoginContext will not require those permissions.
> - * <p>
> + *
>    * <li> When LoginContext uses a caller-specified Configuration, the
> caller
>    * does not require any createLoginContext AuthPermission.  The
> LoginContext
>    * saves the {@code AccessControlContext} for the caller,
> @@ -158,7 +158,7 @@
>    * <li> If the constructor has a CallbackHandler
>    * input parameter, the LoginContext uses the caller-specified
>    * CallbackHandler object.
> - * <p>
> + *
>    * <li> If the constructor does <b>not</b> have a CallbackHandler
>    * input parameter, or if the caller specifies a {@code null}
>    * CallbackHandler object (and a {@code null} value is permitted),
> @@ -171,7 +171,7 @@
>    * with users.  The caller thus assumes that the configured
>    * modules have alternative means for authenticating the user.
>    *
> - * <p>
> + *
>    * <li> When the LoginContext uses the installed Configuration
> (instead of
>    * a caller-specified Configuration, see above),
>    * then this LoginContext must wrap any
> diff -r c11553506228
> src/share/classes/javax/security/auth/x500/X500Principal.java
> --- a/src/share/classes/javax/security/auth/x500/X500Principal.java Tue
> Dec 03 08:53:23 2013 +0100
> +++ b/src/share/classes/javax/security/auth/x500/X500Principal.java Tue
> Dec 03 09:39:20 2013 -0800
> @@ -314,7 +314,7 @@
>        * this method returns an RFC 2253 conformant string representation
>        * with the following additional canonicalizations:
>        *
> -     * <p><ol>
> +     * <ol>
>        * <li> Leading zeros are removed from attribute types
>        *          that are encoded as dotted decimal OIDs
>        * <li> DirectoryString attribute values of type
>
>


More information about the security-dev mailing list