On Thu, 7 May 2026 16:31:19 GMT, Mikhail Yankelevich <[email protected]> wrote:
>> Adding new methods to `X509Certificate` to return `Instant` instead of >> `Date` as well as moving away from `Date` in internal packages wherever >> possible. >> >> --------- >> - [x] I confirm that I make this contribution in accordance with the >> [OpenJDK Interim AI Policy](https://openjdk.org/legal/ai). > > Mikhail Yankelevich has updated the pull request incrementally with one > additional commit since the last revision: > > comments src/java.base/share/classes/java/security/cert/X509Certificate.java line 128: > 126: /** > 127: * Checks that the certificate is currently valid. It is if > 128: * the current date and time are within the validity period given in > the Still "date and time". src/java.base/share/classes/java/security/cert/X509Certificate.java line 133: > 131: * The validity period consists of two time values: > 132: * the first and last times on which the certificate is valid. > 133: * It is defined in In RFC 5280, it's Validity ::= SEQUENCE { notBefore Time, notAfter Time } Time ::= CHOICE { utcTime UTCTime, generalTime GeneralizedTime } src/java.base/share/classes/java/security/cert/X509Certificate.java line 356: > 354: > 355: /** > 356: * Gets the {@code notBefore} date as an {@code Instant} from the > validity date -> time. src/java.base/share/classes/java/security/cert/X509Certificate.java line 368: > 366: * @throws NullPointerException when {@code getNotBefore()} returns > null. > 367: * > 368: * @return the start date of the validity period. date -> time src/java.base/share/classes/java/security/cert/X509Certificate.java line 369: > 367: * > 368: * @return the start date of the validity period. > 369: * @see #checkValidity() Extra space on the left. src/java.base/share/classes/java/security/cert/X509Certificate.java line 391: > 389: > 390: /** > 391: * Gets the {@code notAfter} date as an {@code Instant} from the > validity date -> time src/java.base/share/classes/java/security/cert/X509Certificate.java line 402: > 400: * The {@code Date} returned by {@code getNotAfter()} should not be > null. > 401: * > 402: * @throws NullPointerException when {@code getNotAfter()} returns > null. Calling `getNotAfter` is an implementation detail and should not appear in a general `@throws` line. My current opinion is that this should be described in the `@implSpec`. So remove this `@throws` and change the last line of `@implSpec` to something like `If {@code getNotAfter()} returns {@code null}, this method throws a {@code NullPointerException}`. The existing "should not be null" could be confusing. And, append `(never {@code null})` to the `@return` line. Same with the `getNotBefore` method. src/java.base/share/classes/java/security/cert/X509Certificate.java line 404: > 402: * @throws NullPointerException when {@code getNotAfter()} returns > null. > 403: * > 404: * @return the end date of the validity period. date -> time src/java.base/share/classes/java/security/cert/X509Certificate.java line 405: > 403: * > 404: * @return the end date of the validity period. > 405: * @see #checkValidity() Extra space on the left ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/30047#discussion_r3203333113 PR Review Comment: https://git.openjdk.org/jdk/pull/30047#discussion_r3203363062 PR Review Comment: https://git.openjdk.org/jdk/pull/30047#discussion_r3203373237 PR Review Comment: https://git.openjdk.org/jdk/pull/30047#discussion_r3203375293 PR Review Comment: https://git.openjdk.org/jdk/pull/30047#discussion_r3203379300 PR Review Comment: https://git.openjdk.org/jdk/pull/30047#discussion_r3203383125 PR Review Comment: https://git.openjdk.org/jdk/pull/30047#discussion_r3203546180 PR Review Comment: https://git.openjdk.org/jdk/pull/30047#discussion_r3203384795 PR Review Comment: https://git.openjdk.org/jdk/pull/30047#discussion_r3203388401
