archive/jdk
1
0
Fork 0
mirror of https://github.com/openjdk/jdk.git synced 2025-08-27 14:54:52 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

8241003: Deprecate "denigrated" java.security.cert APIs that represent DNs as Principal or String objects

Browse source 
Reviewed-by: xuelei, valeriep, weijun
This commit is contained in:
Sean Mullan 2020-08-26 13:31:10 -04:00
parent 0df797de94
commit f879698c63
16 changed files with 115 additions and 105 deletions
Download patch file Download diff file Expand all files Collapse all files

20
src/java.base/share/classes/java/security/cert/X509CRLSelector.java
View file

@ -225,13 +225,6 @@ public class X509CRLSelector implements CRLSelector {
}
/**
* <strong>Denigrated</strong>, use
* {@linkplain #addIssuer(X500Principal)} or
* {@linkplain #addIssuerName(byte[])} instead. This method should not be
* relied on as it can fail to match some CRLs because of a loss of
* encoding information in the RFC 2253 String form of some distinguished
* names.
* <p>
* Adds a name to the issuerNames criterion. The issuer distinguished
* name in the {@code X509CRL} must match at least one of the specified
* distinguished names.
@ -241,9 +234,17 @@ public class X509CRLSelector implements CRLSelector {
* any previous value for the issuerNames criterion.
* If the specified name is a duplicate, it may be ignored.
*
* @param name the name in RFC 2253 form
* @param name the name in
* <a href="http://www.ietf.org/rfc/rfc2253.txt">RFC 2253</a> form
* @throws IOException if a parsing error occurs
*
* @deprecated Use {@link #addIssuer(X500Principal)} or
* {@link #addIssuerName(byte[])} instead. This method should not be
* relied on as it can fail to match some CRLs because of a loss of
* encoding information in the RFC 2253 String form of some distinguished
* names.
*/
@Deprecated(since="16")
public void addIssuerName(String name) throws IOException {
addIssuerNameInternal(name, new X500Name(name).asX500Principal());
}
@ -481,7 +482,8 @@ public class X509CRLSelector implements CRLSelector {
* <p>
* If the value returned is not {@code null}, it is a
* {@code Collection} of names. Each name is a {@code String}
* or a byte array representing a distinguished name (in RFC 2253 or
* or a byte array representing a distinguished name (in
* <a href="http://www.ietf.org/rfc/rfc2253.txt">RFC 2253</a> or
* ASN.1 DER encoded form, respectively). Note that the
* {@code Collection} returned may contain duplicate names.
* <p>