A few more comments for now, but I'll need another day or so to finish
my review:
* General
Use @throws instead of @exception
* X509Certificate
lines 572-585 were removed, but where was it copied? It is not in
GeneralName and probably should not be unless we add a toString method.
847 * @exception IllegalArgumentException if {@code name}
848 * is not a valid signature algorithm name. TODO: really?
Agree, you can't detect this until the certificate is built/signed, so I
think you should remove it, and add a note that the signature algorithm
will not be checked for availability until it is built or signed.
867 * If Both this method and {@link #setSigAlgName} are
called, the
s/Both/both/
* CertificateRequest
125 * @return the encoded form of this certificate request
126 */
127 public abstract byte[] getEncoded();
Should say that it returns a new byte array each time it is called.
--Sean
On 01/11/2016 02:59 AM, Wang Weijun wrote:
Once again
http://cr.openjdk.java.net/~weijun/8058778/webrev.08/
http://cr.openjdk.java.net/~weijun/8058778/webrev.08/specdiff/java/security/cert/package-summary.html
Changes:
- GeneralName is now a standalone interface. Still no getType(), useless
- Two newGeneralName, the binary one is simply newGeneralName(byte[]) which
accepts every encoding including those having a string value
There is still one TODO:
We used to have subject(String) and subject(X500Principal), but on the issuer
side there is only one
buildCertificate(CertificateRequest, KeyPair, X500Principal)
seems not the same level. I'd prefer to remove subject(String). It's just a
short form and no more efficient than subject(X500Principal).
Thanks
Max
