8241039: Retire the deprecated SSLSession.getPeerCertificateChain() method

Reviewed-by: mullan, alanb, dfuchs
2025-08-27 06:45:07 +02:00 · 2020-03-20 09:15:00 -07:00 · 2020-03-20 09:15:00 -07:00 · d243e40f7b
commit d243e40f7b
parent 2288788e03
7 changed files with 26 additions and 408 deletions
--- a/src/java.base/share/classes/javax/net/ssl/HandshakeCompletedEvent.java
+++ b/src/java.base/share/classes/javax/net/ssl/HandshakeCompletedEvent.java
@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2019, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2020, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@ -157,7 +157,10 @@ public class HandshakeCompletedEvent extends EventObject
     *          certificate authorities.  (The certificates are in
     *          the original JSSE
     *          {@link javax.security.cert.X509Certificate} format).
-     * @exception SSLPeerUnverifiedException if the peer is not verified.
+     * @throws SSLPeerUnverifiedException if the peer is not verified.
+     * @throws UnsupportedOperationException if the underlying provider
+     *         does not implement the
+     *         {@link SSLSession#getPeerCertificateChain} operation.
     * @see #getPeerPrincipal()
     * @deprecated The {@link #getPeerCertificates()} method that returns an
     *               array of {@code java.security.cert.Certificate} should
@ -166,8 +169,7 @@ public class HandshakeCompletedEvent extends EventObject
    @SuppressWarnings("removal")
    @Deprecated(since="9", forRemoval=true)
    public javax.security.cert.X509Certificate [] getPeerCertificateChain()
-            throws SSLPeerUnverifiedException
-    {
+            throws SSLPeerUnverifiedException {
        return session.getPeerCertificateChain();
    }

@ -176,7 +178,7 @@ public class HandshakeCompletedEvent extends EventObject
     * defining the session.
     *
     * @return the peer's principal. Returns an X500Principal of the
-     * end-entity certiticate for X509-based cipher suites, and
+     * end-entity certificate for X509-based cipher suites, and
     * KerberosPrincipal for Kerberos cipher suites.
     *
     * @throws SSLPeerUnverifiedException if the peer's identity has not
--- a/src/java.base/share/classes/javax/net/ssl/SSLSession.java
+++ b/src/java.base/share/classes/javax/net/ssl/SSLSession.java
@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2019, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2020, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@ -270,13 +270,19 @@ public interface SSLSession {
     * releases. New applications should use
     * {@link #getPeerCertificates} instead.</em></p>
     *
+     * @implSpec
+     *     This default implementation throws UnsupportedOperationException.
+     *
     * @return an ordered array of peer X.509 certificates,
     *          with the peer's own certificate first followed by any
     *          certificate authorities.  (The certificates are in
     *          the original JSSE certificate
     *          {@link javax.security.cert.X509Certificate} format.)
-     * @exception SSLPeerUnverifiedException if the peer's identity
-     *          has not been verified
+     * @throws SSLPeerUnverifiedException if the peer's identity
+     *         has not been verified.
+     * @throws UnsupportedOperationException if the underlying provider
+     *         does not implement the operation.
+     *
     * @see #getPeerPrincipal()
     * @deprecated The {@link #getPeerCertificates()} method that returns an
     *               array of {@code java.security.cert.Certificate} should
@ -284,15 +290,19 @@ public interface SSLSession {
     */
    @SuppressWarnings("removal")
    @Deprecated(since="9", forRemoval=true)
-    public javax.security.cert.X509Certificate [] getPeerCertificateChain()
-            throws SSLPeerUnverifiedException;
+    public default javax.security.cert.X509Certificate[]
+            getPeerCertificateChain() throws SSLPeerUnverifiedException {
+        throw new UnsupportedOperationException(
+             "This method is deprecated and marked for removal. Use the " +
+             "getPeerCertificates() method instead.");
+    }

    /**
     * Returns the identity of the peer which was established as part of
     * defining the session.
     *
     * @return the peer's principal. Returns an X500Principal of the
-     * end-entity certiticate for X509-based cipher suites, and
+     * end-entity certificate for X509-based cipher suites, and
     * KerberosPrincipal for Kerberos cipher suites.
     *
     * @throws SSLPeerUnverifiedException if the peer's identity has not