Once again
http://cr.openjdk.java.net/~weijun/8058778/webrev.08/
http://cr.openjdk.java.net/~weijun/8058778/webrev.08/specdiff/java/security/cert/package-summary.html
Changes:
- GeneralName is now a standalone interface. Still no getType(), useless
- Two newGeneralName, the binary one is simply newGeneralName(byte[]) which
accepts every encoding including those having a string value
There is still one TODO:
We used to have subject(String) and subject(X500Principal), but on the issuer
side there is only one
buildCertificate(CertificateRequest, KeyPair, X500Principal)
seems not the same level. I'd prefer to remove subject(String). It's just a
short form and no more efficient than subject(X500Principal).
Thanks
Max
> On Jan 9, 2016, at 8:57 AM, Wang Weijun <weijun.w...@oracle.com> wrote:
>
>>
>> On Jan 9, 2016, at 4:40 AM, Sean Mullan <sean.mul...@oracle.com> wrote:
>>
>> On 01/07/2016 10:38 PM, Wang Weijun wrote:
>>>
>>>> On Jan 8, 2016, at 6:06 AM, Sean Mullan <sean.mul...@oracle.com>
>>>> wrote:
>>
>>>> * CertificateFactorySpi
>>>>
>>>> Need more details on how inStream is parsed.
>>>
>>> I thought a "@see CertificateFactory#generateCertificateRequest" is
>>> enough. I do noticed that
>>> CertificateFactorySpi#engineGenerateCertificate copies all spec from
>>> CertificateFactory#generateCertificate.
>>
>> I think if you specifically linked to that from the method description it
>> would be sufficient, ex: "For details on how inStream is parsed, see ...",
>> but an @see on its own is more like an FYI and does not imply that it is
>> part of the specification.
>
> I'll copy the text then, same with generateCertificate().
>
>>
>>>>
>>>> 772 String getDefaultSigAlgName(PrivateKey key);
>>>>
>>>> This seems like it should just be a static utility method, and not
>>>> something every subclass has to implement.
>>>
>>> But only the provider (X509Factory here) knows about the return
>>> values, and another provider can return different values.
>>
>> Can you remind me why this needs to be a public method? Why can't this be an
>> implementation detail when the caller doesn't specify a signature algorithm?
>
> It allows a caller (maybe a GUI tool) to know what default values are.
>
>> ful.
>>
>>> Or, we can do it like
>>>
>>> interface GeneralName { byte[] getEncoded(); }
>>
>> and an enum for the type and a getType method?
>
> enum will be here. getType() is useful but not necessary.
>
> Thanks
> Max
>
>>
>>>
>>> class X509Certificate.Builder { GeneralName newGeneralName(int/Enum
>>> type, String svalue); GeneralName newGeneralName(int/Enum type,
>>> byte[] value); }
>>
>> Ok.
>>
>> --Sean
