harmony-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From telli...@apache.org
Subject svn commit: r769463 [8/9] - in /harmony/enhanced/classlib/trunk/modules/security/src/main/java/common: java/security/ java/security/acl/ java/security/cert/ java/security/interfaces/ java/security/spec/ javax/security/cert/
Date Tue, 28 Apr 2009 17:01:47 GMT
Modified: harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/cert/X509CRLEntry.java
URL: http://svn.apache.org/viewvc/harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/cert/X509CRLEntry.java?rev=769463&r1=769462&r2=769463&view=diff
==============================================================================
--- harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/cert/X509CRLEntry.java (original)
+++ harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/cert/X509CRLEntry.java Tue Apr 28 17:01:41 2009
@@ -15,11 +15,6 @@
  *  limitations under the License.
  */
 
-/**
-* @author Alexander Y. Kleymenov
-* @version $Revision$
-*/
-
 package java.security.cert;
 
 import java.math.BigInteger;
@@ -31,17 +26,24 @@
 import javax.security.auth.x500.X500Principal;
 
 /**
- * @com.intel.drl.spec_ref
+ * Abstract base class for entries in a certificate revocation list (CRL).
+ * 
+ * @see X509CRL
  */
 public abstract class X509CRLEntry implements X509Extension {
 
     /**
-     * @com.intel.drl.spec_ref
+     * Creates a new {@code X509CRLEntry} instance.
      */
     public X509CRLEntry() {}
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns whether the specified object equals to this instance.
+     * 
+     * @param other
+     *            the object to compare.
+     * @return {@code true} if the specified object equals to this instance,
+     *         otherwise {@code false}.
      */
     public boolean equals(Object other) {
         if (other == this) {
@@ -59,7 +61,9 @@
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the hashcode of this instance.
+     * 
+     * @return the hashcode of this instance.
      */
     public int hashCode() {
         int res = 0;
@@ -74,31 +78,50 @@
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns this entry in ASN.1 DER encoded form.
+     * 
+     * @return the encoded form of this entry.
+     * @throws CRLException
+     *             if encoding fails.
      */
     public abstract byte[] getEncoded() throws CRLException;
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the serial number of the revoked certificate.
+     * 
+     * @return the serial number of the revoked certificate.
      */
     public abstract BigInteger getSerialNumber();
 
+    /**
+     * Returns the issuer of the revoked certificate.
+     * 
+     * @return the issuer of the revoked certificate, or {@code null} if the
+     *         issuer is equal to the CRL issuer.
+     */
     public X500Principal getCertificateIssuer() {
         return null;
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the date when the certificate is revoked.
+     * 
+     * @return the date when the certificate is revoked.
      */
     public abstract Date getRevocationDate();
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns whether this CRL entry has extensions.
+     * 
+     * @return {@code true} is this CRL entry has extensions, otherwise {@code
+     *         false}.
      */
     public abstract boolean hasExtensions();
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns a string representation of this instance.
+     * 
+     * @return a string representation of this instance.
      */
     public abstract String toString();
 }

Modified: harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/cert/X509CRLSelector.java
URL: http://svn.apache.org/viewvc/harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/cert/X509CRLSelector.java?rev=769463&r1=769462&r2=769463&view=diff
==============================================================================
--- harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/cert/X509CRLSelector.java (original)
+++ harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/cert/X509CRLSelector.java Tue Apr 28 17:01:41 2009
@@ -15,10 +15,6 @@
  *  limitations under the License.
  */
 
-/**
- * @author Alexander Y. Kleymenov
- * @version $Revision$
- */
 
 package java.security.cert;
 
@@ -36,7 +32,11 @@
 import org.apache.harmony.security.x501.Name;
 
 /**
- * @com.intel.drl.spec_ref
+ * A CRL selector ({@code CRLSelector} for selecting {@code
+ * X509CRL}s that match the specified criteria.
+ * <p>
+ * When constructed, all criteria are set to default values that will match any
+ * {@code X509CRL}.
  */
 public class X509CRLSelector implements CRLSelector {
 
@@ -56,12 +56,19 @@
     private X509Certificate certificateChecking;
 
     /**
-     * @com.intel.drl.spec_ref
+     * Creates a new {@code X509CertSelector}.
      */
     public X509CRLSelector() { }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Sets the criterion for the issuer distinguished names.
+     * <p>
+     * The CRL issuer must match at least one of the specified distinguished
+     * names.
+     *
+     * @param issuers
+     *            the list of issuer distinguished names to match, or {@code
+     *            null} if any issuer distinguished name will do.
      */
     public void setIssuers(Collection<X500Principal> issuers) {
         if (issuers == null) {
@@ -77,7 +84,23 @@
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * <b>Do not use:</b> use {@link #setIssuers(Collection)} or one of
+     * {@link #addIssuerName} instead. Sets the criterion for the issuer
+     * distinguished names.
+     * <p>
+     * The CRL issuer must match at least one of the specified distinguished
+     * names.
+     * <p>
+     * The specified parameter {@code names} is a collection with an entry for
+     * each name to be included in the criterion. The name is specified as a
+     * {@code String} or a byte array specifying the name (in RFC 2253 or ASN.1
+     * DER encoded form)
+     *
+     * @param names
+     *            the list of issuer distinguished names to match, or {@code
+     *            null} if any issuer distinguished name will do.
+     * @throws IOException
+     *             if parsing fails.
      */
     public void setIssuerNames(Collection<?> names) throws IOException {
         if (names == null) {
@@ -106,7 +129,13 @@
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Adds an issuer to the criterion for the issuer distinguished names.
+     * <p>
+     * The CRL issuer must match at least one of the specified distinguished
+     * names.
+     *
+     * @param issuer
+     *            the issuer to add to the criterion
      */
     public void addIssuer(X500Principal issuer) {
         if (issuer == null) {
@@ -131,7 +160,17 @@
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * <b>Do not use:</b>, use {@link #addIssuer(X500Principal)} or
+     * {@link #addIssuerName(byte[])} instead. It can fail to match some CRLs
+     * because of a loss of encoding information in a RFC 2253 string.
+     * <p>
+     * Adds an issuer to the criterion for the issuer distinguished names. The
+     * CRK issuer must match at least one of the specified distinguished names.
+     *
+     * @param iss_name
+     *            the RFC 2253 encoded name.
+     * @throws IOException
+     *             if parsing fails.
      */
     public void addIssuerName(String iss_name) throws IOException {
         if (issuerNames == null) {
@@ -149,7 +188,15 @@
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Adds an issuer to the criterion for the issuer distinguished names.
+     * <p>
+     * The CRL issuer must match at least one of the specified distinguished
+     * names.
+     *
+     * @param iss_name
+     *            the issuer to add to the criterion in ASN.1 DER encoded form.
+     * @throws IOException
+     *             if parsing fails.
      */
     public void addIssuerName(byte[] iss_name) throws IOException {
         if (iss_name == null) {
@@ -165,21 +212,42 @@
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Sets the criterion for the minimum CRL number.
+     * <p>
+     * The CRL must have a number extension with a value greater than or equal
+     * to the specified parameter.
+     *
+     * @param minCRL
+     *            the minimum CRL number or null to not check the minimum CRL
+     *            number
      */
     public void setMinCRLNumber(BigInteger minCRL) {
         this.minCRL = minCRL;
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Sets the criterion for the maximum CRL number.
+     * <p>
+     * The CRL must have a number extension with a value less than or equal to
+     * the specified parameter.
+     *
+     * @param maxCRL
+     *            the maximum CRL number or null to not check the maximum CRL
+     *            number.
      */
     public void setMaxCRLNumber(BigInteger maxCRL) {
         this.maxCRL = maxCRL;
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Sets the criterion for the CRL update period.
+     * <p>
+     * The CRL's {@code thisUpdate} value must be equal or before the specified
+     * date and the {@code nextUpdate} value must be after the specified date.
+     *
+     * @param dateAndTime
+     *            the date to search for valid CRL's or {@code null} to not
+     *            check the date.
      */
     public void setDateAndTime(Date dateAndTime) {
         if (dateAndTime == null) {
@@ -190,14 +258,23 @@
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Sets a certificate hint to find CRLs. It's not a criterion but may help
+     * finding relevant CRLs.
+     *
+     * @param cert
+     *            the certificate hint or {@code null}.
      */
     public void setCertificateChecking(X509Certificate cert) {
         this.certificateChecking = cert;
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the criterion for the issuer distinguished names.
+     * <p>
+     * The CRL issuer must match at least one of the distinguished names.
+     *
+     * @return the unmodifiable list of issuer distinguished names to match, or
+     *         {@code null} if any issuer distinguished name will do.
      */
     public Collection<X500Principal> getIssuers() {
         if (issuerNames == null) {
@@ -215,7 +292,12 @@
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the criterion for the issuer distinguished names.
+     * <p>
+     * The CRL issuer must match at least one of the distinguished names.
+     *
+     * @return a copy of the list of issuer distinguished names to match, or
+     *         {@code null} if any issuer distinguished name will do.
      */
     public Collection<Object> getIssuerNames() {
         if (issuerNames == null) {
@@ -225,21 +307,39 @@
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the criterion for the minimum CRL number.
+     * <p>
+     * The CRL must have a number extension with a value greater than or equal
+     * to the returned value.
+     *
+     * @return the minimum CRL number or {@code null} if the minimum CRL number
+     *         is not to be checked.
      */
     public BigInteger getMinCRL() {
         return minCRL;
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the criterion for the maximum CRL number.
+     * <p>
+     * The CRL must have a number extension with a value less than or equal to
+     * the returned value.
+     *
+     * @return the maximum CRL number or null if the maximum CRL number is not
+     *         checked.
      */
     public BigInteger getMaxCRL() {
         return maxCRL;
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the criterion for the CRL update period.
+     * <p>
+     * The CRL's {@code thisUpdate} value must be equal or before the returned
+     * date and the {@code nextUpdate} value must be after the returned date.
+     *
+     * @return the date to search for valid CRL's or {@code null} if the date is
+     *         not checked.
      */
     public Date getDateAndTime() {
         if (dateAndTime == -1) {
@@ -249,14 +349,19 @@
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the certificate hint to find CRLs. It's not a criterion but may
+     * help finding relevant CRLs.
+     *
+     * @return the certificate hint or {@code null} if none set.
      */
     public X509Certificate getCertificateChecking() {
         return certificateChecking;
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns a string representation of this {@code X509CRLSelector} instance.
+     *
+     * @return a string representation of this {@code X509CRLSelector} instance.
      */
     public String toString() {
         StringBuffer result = new StringBuffer();
@@ -287,7 +392,13 @@
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns whether the specified CRL matches all the criteria collected in
+     * this instance.
+     *
+     * @param crl
+     *            the CRL to check.
+     * @return {@code true} if the CRL matches all the criteria, otherwise
+     *         {@code false}.
      */
     public boolean match(CRL crl) {
         if (!(crl instanceof X509CRL)) {
@@ -334,7 +445,9 @@
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Clones this {@code X509CRL} instance.
+     *
+     * @return the cloned instance.
      */
     public Object clone() {
         X509CRLSelector result;

Modified: harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/cert/X509CertSelector.java
URL: http://svn.apache.org/viewvc/harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/cert/X509CertSelector.java?rev=769463&r1=769462&r2=769463&view=diff
==============================================================================
--- harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/cert/X509CertSelector.java (original)
+++ harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/cert/X509CertSelector.java Tue Apr 28 17:01:41 2009
@@ -15,11 +15,6 @@
  *  limitations under the License.
  */
 
-/**
- * @author Alexander Y. Kleymenov
- * @version $Revision$
- */
-
 package java.security.cert;
 
 import java.io.IOException;
@@ -52,7 +47,8 @@
 
 
 /**
- * @com.intel.drl.spec_ref
+ * A certificate selector ({@code CertSelector} for selecting {@code
+ * X509Certificate}s that match the specified criteria.
  */
 public class X509CertSelector implements CertSelector {
 
@@ -82,40 +78,57 @@
     private byte[] issuerBytes;
 
     /**
-     * @com.intel.drl.spec_ref
+     * Creates a new {@code X509CertSelector}.
      */
     public X509CertSelector() {}
 
     /**
-     * @com.intel.drl.spec_ref
+     * Sets the certificate that a matching certificate must be equal to.
+     *
+     * @param certificate
+     *            the certificate to match, or null to not check this criteria.
      */
     public void setCertificate(X509Certificate certificate) {
         certificateEquals = certificate;
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the certificate that a matching certificate must be equal to.
+     *
+     * @return the certificate to match, or null if this criteria is not
+     *         checked.
      */
     public X509Certificate getCertificate() {
         return certificateEquals;
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Sets the serial number that a certificate must match.
+     *
+     * @param serialNumber
+     *            the serial number to match, or {@code null} to not check the
+     *            serial number.
      */
     public void setSerialNumber(BigInteger serialNumber) {
         this.serialNumber = serialNumber;
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the serial number that a certificate must match.
+     *
+     * @return the serial number to match, or {@code null} if the serial number
+     *         is not to be checked.
      */
     public BigInteger getSerialNumber() {
         return serialNumber;
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Sets the issuer that a certificate must match.
+     *
+     * @param issuer
+     *            the issuer to match, or {@code null} if the issuer is not to
+     *            be checked.
      */
     public void setIssuer(X500Principal issuer) {
         this.issuer = issuer;
@@ -124,14 +137,25 @@
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the issuer that a certificate must match.
+     *
+     * @return the issuer that a certificate must match, or {@code null} if the
+     *         issuer is not to be checked.
      */
     public X500Principal getIssuer() {
         return issuer;
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * <b>Do not use</b>, use {@link #getIssuer()} or
+     * {@link #getIssuerAsBytes()} instead. Sets the issuer that a certificate
+     * must match.
+     *
+     * @param issuerName
+     *            the issuer in a RFC 2253 format string, or {@code null} to not
+     *            check the issuer.
+     * @throws IOException
+     *             if parsing the issuer fails.
      */
     public void setIssuer(String issuerName) throws IOException {
         if (issuerName == null) {
@@ -150,7 +174,12 @@
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * <b>Do not use</b>, use {@link #getIssuer()} or
+     * {@link #getIssuerAsBytes()} instead. Returns the issuer that a
+     * certificate must match in a RFC 2253 format string.
+     *
+     * @return the issuer in a RFC 2253 format string, or {@code null} if the
+     *         issuer is not to be checked.
      */
     public String getIssuerAsString() {
         if (issuer == null) {
@@ -163,7 +192,13 @@
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Sets the issuer that a certificate must match.
+     *
+     * @param issuerDN
+     *            the distinguished issuer name in ASN.1 DER encoded format, or
+     *            {@code null} to not check the issuer.
+     * @throws IOException
+     *             if decoding the issuer fail.
      */
     public void setIssuer(byte[] issuerDN) throws IOException {
         if (issuerDN == null) {
@@ -181,7 +216,12 @@
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the issuer that a certificate must match.
+     *
+     * @return the distinguished issuer name in ASN.1 DER encoded format, or
+     *         {@code null} if the issuer is not to be checked.
+     * @throws IOException
+     *             if encoding the issuer fails.
      */
     public byte[] getIssuerAsBytes() throws IOException {
         if (issuer == null) {
@@ -196,21 +236,36 @@
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Set the subject that a certificate must match.
+     *
+     * @param subject
+     *            the subject distinguished name or {@code null} to not check
+     *            the subject.
      */
     public void setSubject(X500Principal subject) {
         this.subject = subject;
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the subject that a certificate must match.
+     *
+     * @return the subject distinguished name, or null if the subject is not to
+     *         be checked.
      */
     public X500Principal getSubject() {
         return subject;
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * <b>Do not use</b>, use {@link #setSubject(byte[])} or
+     * {@link #setSubject(X500Principal)} instead. Returns the subject that a
+     * certificate must match.
+     *
+     * @param subjectDN
+     *            the subject distinguished name in RFC 2253 format or {@code
+     *            null} to not check the subject.
+     * @throws IOException
+     *             if decoding the subject fails.
      */
     public void setSubject(String subjectDN) throws IOException {
         if (subjectDN == null) {
@@ -225,7 +280,12 @@
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * <b>Do not use</b>, use {@link #getSubject()} or
+     * {@link #getSubjectAsBytes()} instead. Returns the subject that a
+     * certificate must match.
+     *
+     * @return the subject distinguished name in RFC 2253 format, or {@code
+     *         null} if the subject is not to be checked.
      */
     public String getSubjectAsString() {
         if (subject == null) {
@@ -235,7 +295,13 @@
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Sets the subject that a certificate must match.
+     *
+     * @param subjectDN
+     *            the subject distinguished name in ASN.1 DER format, or {@code
+     *            null} to not check the subject.
+     * @throws IOException
+     *             if decoding the subject fails.
      */
     public void setSubject(byte[] subjectDN) throws IOException {
         if (subjectDN == null) {
@@ -250,7 +316,12 @@
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the subject that a certificate must match.
+     *
+     * @return the subject distinguished name in ASN.1 DER format, or {@code
+     *         null} if the subject is not to be checked.
+     * @throws IOException
+     *             if encoding the subject fails.
      */
     public byte[] getSubjectAsBytes() throws IOException {
         if (subject == null) {
@@ -260,7 +331,13 @@
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Sets the criterion for the {@literal SubjectKeyIdentifier} extension.
+     * <p>
+     * The {@code subjectKeyIdentifier} should be a single DER encoded value.
+     *
+     * @param subjectKeyIdentifier
+     *            the subject key identifier or {@code null} to disable this
+     *            check.
      */
     public void setSubjectKeyIdentifier(byte[] subjectKeyIdentifier) {
         if (subjectKeyIdentifier == null) {
@@ -273,7 +350,10 @@
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the criterion for the {@literal SubjectKeyIdentifier} extension.
+     *
+     * @return the subject key identifier or {@code null} if it is not to be
+     *         checked.
      */
     public byte[] getSubjectKeyIdentifier() {
         if (subjectKeyIdentifier == null) {
@@ -285,7 +365,11 @@
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Sets the criterion for the {@literal AuthorityKeyIdentifier} extension.
+     *
+     * @param authorityKeyIdentifier
+     *            the authority key identifier, or {@code null} to disable this
+     *            check.
      */
     public void setAuthorityKeyIdentifier(byte[] authorityKeyIdentifier) {
         if (authorityKeyIdentifier == null) {
@@ -299,7 +383,11 @@
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the criterion for the {@literal AuthorityKeyIdentifier}
+     * extension.
+     *
+     * @return the authority key identifier, or {@code null} if it is not to be
+     *         checked.
      */
     public byte[] getAuthorityKeyIdentifier() {
         if (authorityKeyIdentifier == null) {
@@ -311,7 +399,11 @@
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Sets the criterion for the validity date of the certificate.
+     * <p>
+     * The certificate must be valid at the specified date.
+     * @param certificateValid
+     *            the validity date or {@code null} to not check the date.
      */
     public void setCertificateValid(Date certificateValid) {
         this.certificateValid = (certificateValid == null)
@@ -320,7 +412,10 @@
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the criterion for the validity date of the certificate.
+     *
+     * @return the validity date or {@code null} if the date is not to be
+     *         checked.
      */
     public Date getCertificateValid() {
         return (certificateValid == null)
@@ -329,7 +424,12 @@
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Sets the criterion for the validity date of the private key.
+     * <p>
+     * The private key must be valid at the specified date.
+     *
+     * @param privateKeyValid
+     *            the validity date or {@code null} to not check the date.
      */
     public void setPrivateKeyValid(Date privateKeyValid) {
         if (privateKeyValid == null) {
@@ -340,7 +440,12 @@
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the criterion for the validity date of the private key.
+     * <p>
+     * The private key must be valid at the specified date.
+     *
+     * @return the validity date or {@code null} if the date is not to be
+     *         checked.
      */
     public Date getPrivateKeyValid() {
         if (privateKeyValid != null) {
@@ -371,7 +476,16 @@
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Sets the criterion for the subject public key signature algorithm.
+     * <p>
+     * The certificate must contain a subject public key with the algorithm
+     * specified.
+     *
+     * @param oid
+     *            the OID (object identifier) of the signature algorithm or
+     *            {@code null} to not check the OID.
+     * @throws IOException
+     *             if the specified object identifier is invalid.
      */
     public void setSubjectPublicKeyAlgID(String oid) throws IOException {
         if (oid == null) {
@@ -383,14 +497,20 @@
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the criterion for the subject public key signature algorithm.
+     *
+     * @return the OID (object identifier) or the signature algorithm or {@code
+     *         null} if it's not to be checked.
      */
     public String getSubjectPublicKeyAlgID() {
         return subjectPublicKeyAlgID;
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Sets the criterion for the subject public key.
+     *
+     * @param key
+     *            the subject public key or {@code null} to not check the key.
      */
     public void setSubjectPublicKey(PublicKey key) {
         subjectPublicKey = (key == null) ? null : key.getEncoded();
@@ -398,7 +518,13 @@
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Sets the criterion for the subject public key.
+     *
+     * @param key
+     *            the subject public key in ASN.1 DER encoded format or {@code null} to
+     *            not check the key.
+     * @throws IOException
+     *             if decoding the the public key fails.
      */
     public void setSubjectPublicKey(byte[] key) throws IOException {
         if (key == null) {
@@ -414,14 +540,22 @@
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the criterion for the subject public key.
+     *
+     * @return the subject public key or {@code null} if the key is not to be
+     *         checked.
      */
     public PublicKey getSubjectPublicKey() {
         return subjectPublicKeyImpl;
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Sets the criterion for the {@literal KeyUsage} extension.
+     *
+     * @param keyUsage
+     *            the boolean array in the format as returned by
+     *            {@link X509Certificate#getKeyUsage()}, or {@code null} to not
+     *            check the key usage.
      */
     public void setKeyUsage(boolean[] keyUsage) {
         if (keyUsage == null) {
@@ -433,7 +567,11 @@
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the criterion for the {@literal KeyUsage} extension.
+     *
+     * @return the boolean array in the format as returned by
+     *         {@link X509Certificate#getKeyUsage()}, or {@code null} if the key
+     *         usage is not to be checked.
      */
     public boolean[] getKeyUsage() {
         if (keyUsage == null) {
@@ -445,7 +583,12 @@
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Sets the criterion for the {@literal ExtendedKeyUsage} extension.
+     *
+     * @param keyUsage
+     *            the set of key usage OIDs, or {@code null} to not check it.
+     * @throws IOException
+     *             if one of the OIDs is invalid.
      */
     public void setExtendedKeyUsage(Set<String> keyUsage)
                              throws IOException {
@@ -464,28 +607,61 @@
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the criterion for the {@literal ExtendedKeyUsage} extension.
+     *
+     * @return the set of key usage OIDs, or {@code null} if it's not to be
+     *         checked.
      */
     public Set<String> getExtendedKeyUsage() {
         return extendedKeyUsage;
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Sets the flag for the matching behavior for subject alternative names.
+     * <p>
+     * The flag indicates whether a certificate must contain all or at least one
+     * of the subject alternative names specified by {@link
+     * #setSubjectAlternativeNames} or {@link #addSubjectAlternativeName}.
+     *
+     * @param matchAllNames
+     *            {@code true} if a certificate must contain all of the
+     *            specified subject alternative names, otherwise {@code false}.
      */
     public void setMatchAllSubjectAltNames(boolean matchAllNames) {
         this.matchAllNames = matchAllNames;
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the flag for the matching behavior for subject alternative names.
+     * <p>
+     * The flag indicates whether a certificate must contain all or at least one
+     * of the subject alternative names specified by {@link
+     * #setSubjectAlternativeNames} or {@link #addSubjectAlternativeName}.
+     *
+     * @return {@code true} if a certificate must contain all of the specified
+     *         subject alternative names, otherwise {@code false}.
      */
     public boolean getMatchAllSubjectAltNames() {
         return matchAllNames;
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Sets the criterion for subject alternative names.
+     * <p>
+     * the certificate must contain all or at least one of the specified subject
+     * alternative names. The behavior is specified by
+     * {@link #getMatchAllSubjectAltNames}.
+     * <p>
+     * The specified parameter {@code names} is a collection with an entry for
+     * each name to be included in the criterion. The name is specified as a
+     * {@code List}, the first entry must be an {@code Integer} specifying the
+     * name type (0-8), the second entry must be a {@code String} or a byte
+     * array specifying the name (in string or ASN.1 DER encoded form)
+     *
+     * @param names
+     *            the names collection or {@code null} to not perform this check.
+     * @throws IOException
+     *             if the decoding of a name fails.
      */
     public void setSubjectAlternativeNames(Collection<List<?>> names)
                                     throws IOException {
@@ -509,7 +685,14 @@
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Adds a subject alternative name to the respective criterion.
+     *
+     * @param tag
+     *            the type of the name
+     * @param name
+     *            the name in string format.
+     * @throws IOException
+     *             if parsing the name fails.
      */
     public void addSubjectAlternativeName(int tag, String name)
                                                        throws IOException {
@@ -525,7 +708,14 @@
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Adds a subject alternative name to the respective criterion.
+     *
+     * @param tag
+     *            the type of the name.
+     * @param name
+     *            the name in ASN.1 DER encoded form.
+     * @throws IOException
+     *             if the decoding of the name fails.
      */
     public void addSubjectAlternativeName(int tag, byte[] name)
                                             throws IOException {
@@ -541,7 +731,18 @@
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the criterion for subject alternative names.
+     * <p>
+     * the certificate must contain all or at least one of the specified subject
+     * alternative names. The behavior is specified by
+     * {@link #getMatchAllSubjectAltNames}.
+     * <p>
+     * The subject alternative names is a collection with an entry for each name
+     * included in the criterion. The name is specified as a {@code List}, the
+     * first entry is an {@code Integer} specifying the name type (0-8), the
+     * second entry is byte array specifying the name in ASN.1 DER encoded form)
+     *
+     * @return the names collection or {@code null} if none specified.
      */
     public Collection<List<?>> getSubjectAlternativeNames() {
         if (subjectAltNames == null) {
@@ -569,7 +770,45 @@
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Sets the criterion for the name constraints.
+     * <p>
+     * The certificate must constraint subject and subject alternative names
+     * that match the specified name constraints.
+     * <p>
+     * The name constraints in ASN.1:
+     *
+     * <pre>
+     * NameConstraints ::= SEQUENCE {
+     *        permittedSubtrees       [0]     GeneralSubtrees OPTIONAL,
+     *        excludedSubtrees        [1]     GeneralSubtrees OPTIONAL }
+     *
+     * GeneralSubtrees ::= SEQUENCE SIZE (1..MAX) OF GeneralSubtree
+     *
+     * GeneralSubtree ::= SEQUENCE {
+     *        base                    GeneralName,
+     *        minimum         [0]     BaseDistance DEFAULT 0,
+     *        maximum         [1]     BaseDistance OPTIONAL }
+     *
+     * BaseDistance ::= INTEGER (0..MAX)
+     *
+     * GeneralName ::= CHOICE {
+     *        otherName                       [0]     OtherName,
+     *        rfc822Name                      [1]     IA5String,
+     *        dNSName                         [2]     IA5String,
+     *        x400Address                     [3]     ORAddress,
+     *        directoryName                   [4]     Name,
+     *        ediPartyName                    [5]     EDIPartyName,
+     *        uniformResourceIdentifier       [6]     IA5String,
+     *        iPAddress                       [7]     OCTET STRING,
+     *        registeredID                    [8]     OBJECT IDENTIFIER}
+     *
+     * </pre>
+     *
+     * @param bytes
+     *            the name constraints in ASN.1 DER encoded format, or null to
+     *            not check any constraints.
+     * @throws IOException
+     *             if decoding the name constraints fail.
      */
     public void setNameConstraints(byte[] bytes) throws IOException {
         this.nameConstraints = (bytes == null)
@@ -578,7 +817,10 @@
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the criterion for the name constraints.
+     *
+     * @return the name constraints or {@code null} if none specified.
+     * @see #setNameConstraints
      */
     public byte[] getNameConstraints() {
         return (nameConstraints == null)
@@ -587,7 +829,17 @@
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Sets the criterion for the basic constraints extension.
+     * <p>
+     * A value greater than or equal to zero indicates that a certificate must
+     * include a basic constraints extension with a path length of a least that
+     * value. A value of {@code -2} indicates that only end-entity certificates
+     * are accepted. A value of {@code -1} indicates that no check is done.
+     *
+     * @param pathLen
+     *            the value specifying the criterion.
+     * @throws IllegalArgumentException
+     *             if {@code pathLen} is less than {@code -2}.
      */
     public void setBasicConstraints(int pathLen) {
         if (pathLen < -2) {
@@ -597,14 +849,31 @@
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the criterion for the basic constraints extension.
+     * <p>
+     * A value greater than or equal to zero indicates that a certificate must
+     * include a basic constraints extension with a path length of a least that
+     * value. A value of {@code -2} indicates that only end-entity certificates
+     * are accepted. A value of {@code -1} indicates that no check is done.
+     *
+     * @return the value of the criterion.
      */
     public int getBasicConstraints() {
         return pathLen;
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Sets the criterion for the policy constraint.
+     * <p>
+     * The certificate must have at least one of the specified certificate
+     * policy extensions. For an empty set the certificate must have at least
+     * some policies in its policy extension.
+     *
+     * @param policies
+     *            the certificate policy OIDs, an empty set, or {@code null} to
+     *            not perform this check.
+     * @throws IOException
+     *             if parsing the specified OIDs fails.
      */
     public void setPolicy(Set<String> policies) throws IOException {
         if (policies == null) {
@@ -622,14 +891,36 @@
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the criterion for the policy constraint.
+     * <p>
+     * The certificate must have at least one of the certificate policy
+     * extensions. For an empty set the certificate must have at least some
+     * policies in its policy extension.
+     *
+     * @return the certificate policy OIDs, an empty set, or {@code null} if not
+     *         to be checked.
      */
     public Set<String> getPolicy() {
         return policies;
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Sets the criterion for the pathToNames constraint.
+     * <p>
+     * This allows to specify the complete set of names, a certificate's name
+     * constraints must permit.
+     * <p>
+     * The specified parameter {@code names} is a collection with an entry for
+     * each name to be included in the criterion. The name is specified as a
+     * {@code List}, the first entry must be an {@code Integer} specifying the
+     * name type (0-8), the second entry must be a {@code String} or a byte
+     * array specifying the name (in string or ASN.1 DER encoded form)
+     *
+     * @param names
+     *            the names collection or {@code null} to not perform this
+     *            check.
+     * @throws IOException
+     *             if decoding fails.
      */
     public void setPathToNames(Collection<List<?>> names)
                                                         throws IOException {
@@ -653,7 +944,15 @@
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Adds a {@literal "pathToName"} to the respective criterion.
+     *
+     * @param type
+     *            the type of the name.
+     * @param name
+     *            the name in string format.
+     * @throws IOException
+     *             if parsing fails.
+     * @see #setPathToNames
      */
     public void addPathToName(int type, String name) throws IOException {
         GeneralName path_name = new GeneralName(type, name);
@@ -665,7 +964,15 @@
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Adds a {@literal "pathToName"} to the respective criterion.
+     *
+     * @param type
+     *            the type of the name
+     * @param name
+     *            the name in ASN.1 DER encoded form.
+     * @throws IOException
+     *             if decoding fails.
+     * @see #setPathToNames
      */
     public void addPathToName(int type, byte[] name) throws IOException {
         GeneralName path_name= new GeneralName(type, name);
@@ -677,7 +984,14 @@
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the criterion for the pathToNames constraint.
+     * <p>
+     * The constraint is a collection with an entry for each name to be included
+     * in the criterion. The name is specified as a {@code List}, the first
+     * entry is an {@code Integer} specifying the name type (0-8), the second
+     * entry is a byte array specifying the name in ASN.1 DER encoded form.
+     *
+     * @return the pathToNames constraint or {@code null} if none specified.
      */
     public Collection<List<?>> getPathToNames() {
         if (pathToNames == null) {
@@ -693,7 +1007,11 @@
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns a string representation of this {@code X509CertSelector}
+     * instance.
+     *
+     * @return a string representation of this {@code X509CertSelector}
+     *         instance.
      */
     public String toString() {
         // For convenient reading of the string representation
@@ -813,7 +1131,13 @@
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns whether the specified certificate matches all the criteria
+     * collected in this instance.
+     *
+     * @param certificate
+     *            the certificate to check.
+     * @return {@code true} if the certificate matches all the criteria,
+     *         otherwise {@code false}.
      */
     public boolean match(Certificate certificate) {
         if (! (certificate instanceof X509Certificate)) {
@@ -1049,7 +1373,9 @@
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Clones this {@code X509CertSelector} instance.
+     *
+     * @return the cloned instance.
      */
     public Object clone() {
         X509CertSelector result;

Modified: harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/cert/X509Certificate.java
URL: http://svn.apache.org/viewvc/harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/cert/X509Certificate.java?rev=769463&r1=769462&r2=769463&view=diff
==============================================================================
--- harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/cert/X509Certificate.java (original)
+++ harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/cert/X509Certificate.java Tue Apr 28 17:01:41 2009
@@ -15,11 +15,6 @@
  *  limitations under the License.
  */
 
-/**
-* @author Alexander Y. Kleymenov
-* @version $Revision$
-*/
-
 package java.security.cert;
 
 import java.io.ByteArrayInputStream;
@@ -34,7 +29,41 @@
 import org.apache.harmony.security.internal.nls.Messages;
 
 /**
- * @com.intel.drl.spec_ref
+ * Abstract base class for X.509 certificates.
+ * <p>
+ * This represents a standard way for accessing the attributes of X.509
+ * certificates.
+ * <p>
+ * The basic X.509 v3 format described in ASN.1:
+ * 
+ * <pre>
+ * Certificate  ::=  SEQUENCE  {
+ *     tbsCertificate       TBSCertificate,
+ *     signatureAlgorithm   AlgorithmIdentifier,
+ *     signature            BIT STRING  }
+ *     
+ * TBSCertificate  ::=  SEQUENCE  {
+ *      version         [0]  EXPLICIT Version DEFAULT v1,
+ *      serialNumber         CertificateSerialNumber,
+ *      signature            AlgorithmIdentifier,
+ *      issuer               Name,
+ *      validity             Validity,
+ *      subject              Name,
+ *      subjectPublicKeyInfo SubjectPublicKeyInfo,
+ *      issuerUniqueID  [1]  IMPLICIT UniqueIdentifier OPTIONAL,
+ *                           -- If present, version must be v2 or v3
+ *      subjectUniqueID [2]  IMPLICIT UniqueIdentifier OPTIONAL,
+ *                           -- If present, version must be v2 or v3
+ *      extensions      [3]  EXPLICIT Extensions OPTIONAL
+ *                           -- If present, version must be v3
+ *      }
+ * </pre>
+ * <p>
+ * For more information consult RFC 2459
+ * "Internet X.509 Public Key Infrastructure Certificate and CRL Profile" at <a
+ * href
+ * ="http://www.ietf.org/rfc/rfc2459.txt">http://www.ietf.org/rfc/rfc2459.txt
+ * </a> .
  */
 public abstract class X509Certificate
         extends Certificate implements X509Extension {
@@ -42,41 +71,114 @@
     private static final long serialVersionUID = -2491127588187038216L;
 
     /**
-     * @com.intel.drl.spec_ref
+     * Creates a new {@code X509Certificate}.
      */
     protected X509Certificate() {
         super("X.509"); //$NON-NLS-1$
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Checks whether the certificate is currently valid.
+     * <p>
+     * The validity defined in ASN.1:
+     * 
+     * <pre>
+     * validity             Validity
+     * 
+     * Validity ::= SEQUENCE { 
+     *      notBefore       CertificateValidityDate, 
+     *      notAfter        CertificateValidityDate }
+     * 
+     * CertificateValidityDate ::= CHOICE { 
+     *      utcTime         UTCTime, 
+     *      generalTime     GeneralizedTime }
+     * </pre>
+     * 
+     * @throws CertificateExpiredException
+     *             if the certificate has expired.
+     * @throws CertificateNotYetValidException
+     *             if the certificate is not yet valid.
      */
     public abstract void checkValidity()
             throws CertificateExpiredException, CertificateNotYetValidException;
 
     /**
-     * @com.intel.drl.spec_ref
+     * Checks whether the certificate is valid at the specified date.
+     * 
+     * @param date
+     *            the date to check the validity against.
+     * @throws CertificateExpiredException
+     *             if the certificate has expired.
+     * @throws CertificateNotYetValidException
+     *             if the certificate is not yet valid.
+     * @see #checkValidity()
      */
     public abstract void checkValidity(Date date)
             throws CertificateExpiredException, CertificateNotYetValidException;
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the certificates {@code version} (version number).
+     * <p>
+     * The version defined is ASN.1:
+     * 
+     * <pre>
+     * Version ::=  INTEGER  {  v1(0), v2(1), v3(2)  }
+     * </pre>
+     * 
+     * @return the version number.
      */
     public abstract int getVersion();
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the {@code serialNumber} of the certificate.
+     * <p>
+     * The ASN.1 definition of {@code serialNumber}:
+     * 
+     * <pre>
+     * CertificateSerialNumber  ::=  INTEGER
+     * </pre>
+     * 
+     * @return the serial number.
      */
     public abstract BigInteger getSerialNumber();
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the {@code issuer} (issuer distinguished name) as an
+     * implementation specific {@code Principal} object.
+     * <p>
+     * The ASN.1 definition of {@code issuer}:
+     * 
+     * <pre>
+     *  issuer      Name
+     * 
+     *  Name ::= CHOICE {
+     *      RDNSequence }
+     * 
+     *    RDNSequence ::= SEQUENCE OF RelativeDistinguishedName
+     * 
+     *    RelativeDistinguishedName ::= SET OF AttributeTypeAndValue
+     * 
+     *    AttributeTypeAndValue ::= SEQUENCE {
+     *      type     AttributeType,
+     *      value    AttributeValue }
+     * 
+     *    AttributeType ::= OBJECT IDENTIFIER
+     * 
+     *    AttributeValue ::= ANY DEFINED BY AttributeType
+     * </pre>
+     * 
+     * <b>replaced by:</b> {@link #getIssuerX500Principal()}.
+     * 
+     * @return the {@code issuer} as an implementation specific {@code
+     *         Principal}.
      */
     public abstract Principal getIssuerDN() ;
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the {@code issuer} (issuer distinguished name) as an {@code
+     * X500Principal}.
+     * 
+     * @return the {@code issuer} (issuer distinguished name).
      */
     public X500Principal getIssuerX500Principal() {
 
@@ -97,12 +199,42 @@
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the {@code subject} (subject distinguished name) as an
+     * implementation specific {@code Principal} object.
+     * <p>
+     * The ASN.1 definition of {@code subject}:
+     * 
+     * <pre>
+     * subject      Name
+     * 
+     *  Name ::= CHOICE {
+     *      RDNSequence }
+     * 
+     *    RDNSequence ::= SEQUENCE OF RelativeDistinguishedName
+     * 
+     *    RelativeDistinguishedName ::= SET OF AttributeTypeAndValue
+     * 
+     *    AttributeTypeAndValue ::= SEQUENCE {
+     *      type     AttributeType,
+     *      value    AttributeValue }
+     * 
+     *    AttributeType ::= OBJECT IDENTIFIER
+     * 
+     *    AttributeValue ::= ANY DEFINED BY AttributeType
+     * </pre>
+     * 
+     * <p>
+     * <b>replaced by:</b> {@link #getSubjectX500Principal()}.
+     *
+     * @return the {@code subject} (subject distinguished name).
      */
     public abstract Principal getSubjectDN();
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the {@code subject} (subject distinguished name) as an {@code
+     * X500Principal}.
+     * 
+     * @return the {@code subject} (subject distinguished name)
      */
     public X500Principal getSubjectX500Principal() {
 
@@ -123,58 +255,109 @@
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the {@code notBefore} date from the validity period of the
+     * certificate.
+     * 
+     * @return the start of the validity period.
      */
     public abstract Date getNotBefore();
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the {@code notAfter} date of the validity period of the
+     * certificate.
+     * 
+     * @return the end of the validity period.
      */
     public abstract Date getNotAfter();
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the {@code tbsCertificate} information from this certificate in
+     * DER-encoded format.
+     * 
+     * @return the DER-encoded certificate information.
+     * @throws CertificateEncodingException
+     *             if an error occurs in encoding
      */
     public abstract byte[] getTBSCertificate()
                                     throws CertificateEncodingException;
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the raw signature bits from the certificate.
+     * 
+     * @return the raw signature bits from the certificate.
      */
     public abstract byte[] getSignature();
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the name of the algorithm for the certificate signature.
+     * 
+     * @return the signature algorithm name.
      */
     public abstract String getSigAlgName();
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the OID of the signature algorithm from the certificate.
+     * 
+     * @return the OID of the signature algorithm.
      */
     public abstract String getSigAlgOID();
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the parameters of the signature algorithm in DER-encoded format.
+     * 
+     * @return the parameters of the signature algorithm, or {@code null} if
+     *         none are used.
      */
     public abstract byte[] getSigAlgParams();
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the {@code issuerUniqueID} from the certificate.
+     * 
+     * @return the {@code issuerUniqueID} or {@code null} if there's none in the
+     *         certificate.
      */
     public abstract boolean[] getIssuerUniqueID();
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the {@code subjectUniqueID} from the certificate.
+     * 
+     * @return the {@code subjectUniqueID} or null if there's none in the
+     *         certificate.
      */
     public abstract boolean[] getSubjectUniqueID();
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the {@code KeyUsage} extension as a {@code boolean} array.
+     * <p>
+     * The ASN.1 definition of {@code KeyUsage}:
+     * 
+     * <pre>
+     * KeyUsage ::= BIT STRING {
+     *      digitalSignature        (0),
+     *      nonRepudiation          (1),
+     *      keyEncipherment         (2),
+     *      dataEncipherment        (3),
+     *      keyAgreement            (4),
+     *      keyCertSign             (5),
+     *      cRLSign                 (6),
+     *      encipherOnly            (7),
+     *      decipherOnly            (8) }
+     * 
+     * </pre>
+     * 
+     * @return the {@code KeyUsage} extension or {@code null} if there's none in
+     *         the certificate.
      */
     public abstract boolean[] getKeyUsage();
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns a read-only list of OID strings representing the {@code
+     * ExtKeyUsageSyntax} field of the extended key usage extension.
+     * 
+     * @return the extended key usage extension, or {@code null} if there's none
+     *         in the certificate.
+     * @throws CertificateParsingException
+     *             if the extension decoding fails.
      */
     public List<String> getExtendedKeyUsage()
                         throws CertificateParsingException {
@@ -182,12 +365,43 @@
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the path length of the certificate constraints from the {@code
+     * BasicContraints} extension.
+     * 
+     * @return the path length of the certificate constraints if the extension
+     *         is present or {@code -1} if the extension is not present. {@code
+     *         Integer.MAX_VALUE} if there's not limit.
      */
     public abstract int getBasicConstraints();
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns a read-only list of the subject alternative names from the
+     * {@code SubjectAltName} extension.
+     * <p>
+     * The ASN.1 definition of {@code SubjectAltName}:
+     * 
+     * <pre>
+     * SubjectAltName ::= GeneralNames
+     * 
+     * GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName
+     * 
+     * GeneralName ::= CHOICE {
+     *      otherName                       [0]     AnotherName,
+     *      rfc822Name                      [1]     IA5String,
+     *      dNSName                         [2]     IA5String,
+     *      x400Address                     [3]     ORAddress,
+     *      directoryName                   [4]     Name,
+     *      ediPartyName                    [5]     EDIPartyName,
+     *      uniformResourceIdentifier       [6]     IA5String,
+     *      iPAddress                       [7]     OCTET STRING,
+     *      registeredID                    [8]     OBJECT IDENTIFIER }
+     * 
+     * </pre>
+     * 
+     * @return the subject alternative names or {@code null} if there are none
+     *         in the certificate.
+     * @throws CertificateParsingException
+     *             if decoding of the extension fails.
      */
     public Collection<List<?>> getSubjectAlternativeNames()
                                     throws CertificateParsingException {
@@ -195,7 +409,33 @@
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns a read-only list of the issuer alternative names from the {@code
+     * IssuerAltName} extension.
+     * <p>
+     * The ASN.1 definition of {@code IssuerAltName}:
+     * 
+     * <pre>
+     * IssuerAltName ::= GeneralNames
+     * 
+     * GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName
+     * 
+     * GeneralName ::= CHOICE {
+     *      otherName                       [0]     AnotherName,
+     *      rfc822Name                      [1]     IA5String,
+     *      dNSName                         [2]     IA5String,
+     *      x400Address                     [3]     ORAddress,
+     *      directoryName                   [4]     Name,
+     *      ediPartyName                    [5]     EDIPartyName,
+     *      uniformResourceIdentifier       [6]     IA5String,
+     *      iPAddress                       [7]     OCTET STRING,
+     *      registeredID                    [8]     OBJECT IDENTIFIER }
+     * 
+     * </pre>
+     * 
+     * @return the issuer alternative names of {@code null} if there are none in
+     *         the certificate.
+     * @throws CertificateParsingException
+     *             if decoding of the extension fails.
      */
     public Collection<List<?>> getIssuerAlternativeNames()
                                     throws CertificateParsingException {

Modified: harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/cert/X509Extension.java
URL: http://svn.apache.org/viewvc/harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/cert/X509Extension.java?rev=769463&r1=769462&r2=769463&view=diff
==============================================================================
--- harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/cert/X509Extension.java (original)
+++ harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/cert/X509Extension.java Tue Apr 28 17:01:41 2009
@@ -15,38 +15,52 @@
  *  limitations under the License.
  */
 
-/**
-* @author Vera Y. Petrashkova
-* @version $Revision$
-*/
-
 package java.security.cert;
 
 import java.util.Set;
 
 /**
- * @com.intel.drl.spec_ref
- * 
+ * The interface specifying an X.509 Certificate or CRL extension.
  */
 public interface X509Extension {
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the set of OIDs of the extension(s) marked as CRITICAL, that this
+     * implementation manages.
+     * 
+     * @return the set of extension OIDs marked as CRITIAL, an empty set if none
+     *         are marked as CRITICAL, or {@code null} if no extensions are
+     *         present.
      */
     public Set<String> getCriticalExtensionOIDs();
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the extension value as DER-encoded OCTET string for the specified
+     * OID.
+     * 
+     * @param oid
+     *            the object identifier to get the extension value for.
+     * @return the extension value as DER-encoded OCTET string, or {@code null}
+     *         if no extension for the specified OID can be found.
      */
     public byte[] getExtensionValue(String oid);
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the set of OIDs of the extension(s) marked as NON-CRITICAL, that
+     * this implementation manages.
+     * 
+     * @return the set of extension OIDs marked as NON-CRITIAL, an empty set if
+     *         none are marked as NON-.CRITICAL, or {@code null} if no
+     *         extensions are present.
      */
     public Set<String> getNonCriticalExtensionOIDs();
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns whether this instance has an extension marked as CRITICAL that it
+     * cannot support.
+     * 
+     * @return {@code true} if an unsupported CRITICAL extension is present,
+     *         {@code false} otherwise.
      */
     public boolean hasUnsupportedCriticalExtension();
 }

Modified: harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/interfaces/DSAKey.java
URL: http://svn.apache.org/viewvc/harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/interfaces/DSAKey.java?rev=769463&r1=769462&r2=769463&view=diff
==============================================================================
--- harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/interfaces/DSAKey.java (original)
+++ harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/interfaces/DSAKey.java Tue Apr 28 17:01:41 2009
@@ -15,21 +15,19 @@
  *  limitations under the License.
  */
 
-/**
-* @author Vera Y. Petrashkova
-* @version $Revision$
-*/
 
 package java.security.interfaces;
 
 /**
- * @com.intel.drl.spec_ref
- * 
+ * The base interface for Digital Signature Algorithm (DSA) public or private
+ * keys.
  */
 public interface DSAKey {
+
     /**
-     * @com.intel.drl.spec_ref
-     *  
+     * Returns the DSA key parameters.
+     * 
+     * @return the DSA key parameters.
      */
     public DSAParams getParams();
 

Modified: harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/interfaces/DSAKeyPairGenerator.java
URL: http://svn.apache.org/viewvc/harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/interfaces/DSAKeyPairGenerator.java?rev=769463&r1=769462&r2=769463&view=diff
==============================================================================
--- harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/interfaces/DSAKeyPairGenerator.java (original)
+++ harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/interfaces/DSAKeyPairGenerator.java Tue Apr 28 17:01:41 2009
@@ -15,31 +15,52 @@
  *  limitations under the License.
  */
 
-/**
-* @author Vera Y. Petrashkova
-* @version $Revision$
-*/
-
 package java.security.interfaces;
 
 import java.security.InvalidParameterException;
 import java.security.SecureRandom;
 
 /**
- * @com.intel.drl.spec_ref
- * 
+ * The interface for key generators that can generate DSA key pairs.
  */
 public interface DSAKeyPairGenerator {
+
     /**
-     * @com.intel.drl.spec_ref
-     *  
+     * Initializes this generator with the prime ({@code p}), subprime ({@code
+     * q}), and base ({@code g}) values from the specified parameters.
+     * 
+     * @param params
+     *            the parameter values.
+     * @param random
+     *            the source of randomness.
+     * @throws InvalidParameterException
+     *             if the specified parameter values are {@code null} or
+     *             invalid.
      */
     public void initialize(DSAParams params, SecureRandom random)
             throws InvalidParameterException;
 
     /**
-     * @com.intel.drl.spec_ref
-     *  
+     * Initializes this generator for the specified modulus length. Valid values
+     * for the modulus length are the multiples of 8 between 512 and 1024.
+     * <p>
+     * The parameter {@code genParams} specifies whether this method should
+     * generate new prime ({@code p}), subprime ({@code q}), and base ({@code g})
+     * values or whether
+     * it will use the pre-calculated values for the specified modulus
+     * length. Default parameters are available for modulus lengths of 512 and 1024
+     * bits.
+     * 
+     * @param modlen
+     *            the length of the modulus in bits.
+     * @param genParams
+     *            whether new values should be generated.
+     * @param random
+     *            the source of randomness.
+     * @throws InvalidParameterException
+     *             if the specified modulus length is not valid, or if there are
+     *             no pre-calculated values and {@code genParams} is {@code
+     *             false}.
      */
     public void initialize(int modlen, boolean genParams, SecureRandom random)
             throws InvalidParameterException;

Modified: harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/interfaces/DSAParams.java
URL: http://svn.apache.org/viewvc/harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/interfaces/DSAParams.java?rev=769463&r1=769462&r2=769463&view=diff
==============================================================================
--- harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/interfaces/DSAParams.java (original)
+++ harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/interfaces/DSAParams.java Tue Apr 28 17:01:41 2009
@@ -15,36 +15,33 @@
  *  limitations under the License.
  */
 
-/**
-* @author Vera Y. Petrashkova
-* @version $Revision$
-*/
-
 package java.security.interfaces;
 
 import java.math.BigInteger;
 
 /**
- * @com.intel.drl.spec_ref
- * 
+ * The interface for Digital Signature Algorithm (DSA) specific parameters. 
  */
 public interface DSAParams {
 
     /**
-     * @com.intel.drl.spec_ref
-     *  
+     * Returns the base ({@code g}) value.
+     * 
+     * @return the base ({@code g}) value.
      */
     public BigInteger getG();
 
     /**
-     * @com.intel.drl.spec_ref
-     *  
+     * Returns the prime ({@code p}) value.
+     * 
+     * @return the prime ({@code p}) value.
      */
     public BigInteger getP();
 
     /**
-     * @com.intel.drl.spec_ref
-     *  
+     * Returns the subprime ({@code q} value.
+     * 
+     * @return the subprime ({@code q} value.
      */
     public BigInteger getQ();
 

Modified: harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/interfaces/DSAPrivateKey.java
URL: http://svn.apache.org/viewvc/harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/interfaces/DSAPrivateKey.java?rev=769463&r1=769462&r2=769463&view=diff
==============================================================================
--- harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/interfaces/DSAPrivateKey.java (original)
+++ harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/interfaces/DSAPrivateKey.java Tue Apr 28 17:01:41 2009
@@ -15,30 +15,25 @@
  *  limitations under the License.
  */
 
-/**
-* @author Vera Y. Petrashkova
-* @version $Revision$
-*/
-
 package java.security.interfaces;
 
 import java.math.BigInteger;
 import java.security.PrivateKey;
 
 /**
- * @com.intel.drl.spec_ref
- * 
+ * The interface for a Digital Signature Algorithm (DSA) private key.
  */
 public interface DSAPrivateKey extends DSAKey, PrivateKey {
+
     /**
-     * @com.intel.drl.spec_ref
-     *  
+     * The serial version identifier.
      */
     public static final long serialVersionUID = 7776497482533790279L;
 
     /**
-     * @com.intel.drl.spec_ref
-     *  
+     * Returns the private key value {@code x}.
+     * 
+     * @return the private key value {@code x}.
      */
     public BigInteger getX();
 

Modified: harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/interfaces/DSAPublicKey.java
URL: http://svn.apache.org/viewvc/harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/interfaces/DSAPublicKey.java?rev=769463&r1=769462&r2=769463&view=diff
==============================================================================
--- harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/interfaces/DSAPublicKey.java (original)
+++ harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/interfaces/DSAPublicKey.java Tue Apr 28 17:01:41 2009
@@ -15,28 +15,25 @@
  *  limitations under the License.
  */
 
-/**
-* @author Vera Y. Petrashkova
-* @version $Revision$
-*/
-
 package java.security.interfaces;
 
 import java.math.BigInteger;
 import java.security.PublicKey;
 
 /**
- * @com.intel.drl.spec_ref
- * 
+ * The interface for a Digital Signature Algorithm (DSA) public key. 
  */
 public interface DSAPublicKey extends DSAKey, PublicKey {
+
     /**
-     * @com.intel.drl.spec_ref
+     * The serial version identifier.
      */
     public static final long serialVersionUID = 1234526332779022332L;
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the public key value {@code y}.
+     * 
+     * @return the public key value {@code y}.
      */
     public BigInteger getY();
 

Modified: harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/interfaces/ECKey.java
URL: http://svn.apache.org/viewvc/harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/interfaces/ECKey.java?rev=769463&r1=769462&r2=769463&view=diff
==============================================================================
--- harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/interfaces/ECKey.java (original)
+++ harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/interfaces/ECKey.java Tue Apr 28 17:01:41 2009
@@ -15,23 +15,19 @@
  *  limitations under the License.
  */
 
-/**
-* @author Vera Y. Petrashkova
-* @version $Revision$
-*/
-
 package java.security.interfaces;
 
 import java.security.spec.ECParameterSpec;
 
 /**
- * @com.intel.drl.spec_ref
- * 
+ * The base interface for Elliptic Curve (EC) public or private keys.
  */
 public interface ECKey {
+
     /**
-     * @com.intel.drl.spec_ref
-     *  
+     * Returns the EC key parameters.
+     * 
+     * @return the EC key parameters.
      */
     public ECParameterSpec getParams();
 }
\ No newline at end of file

Modified: harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/interfaces/ECPrivateKey.java
URL: http://svn.apache.org/viewvc/harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/interfaces/ECPrivateKey.java?rev=769463&r1=769462&r2=769463&view=diff
==============================================================================
--- harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/interfaces/ECPrivateKey.java (original)
+++ harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/interfaces/ECPrivateKey.java Tue Apr 28 17:01:41 2009
@@ -15,28 +15,25 @@
  *  limitations under the License.
  */
 
-/**
-* @author Vera Y. Petrashkova
-* @version $Revision$
-*/
-
 package java.security.interfaces;
 
 import java.math.BigInteger;
 import java.security.PrivateKey;
 
 /**
- * @com.intel.drl.spec_ref
- * 
+ * The interface for an Elliptic Curve (EC) private key.
  */
 public interface ECPrivateKey extends PrivateKey, ECKey {
+
     /**
-     * @com.intel.drl.spec_ref
+     * The serial version identifier.
      */
     public static final long serialVersionUID = -7896394956925609184L;
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the private value {@code S}.
+     * 
+     * @return the private value {@code S}.
      */
     public BigInteger getS();
 }
\ No newline at end of file

Modified: harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/interfaces/ECPublicKey.java
URL: http://svn.apache.org/viewvc/harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/interfaces/ECPublicKey.java?rev=769463&r1=769462&r2=769463&view=diff
==============================================================================
--- harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/interfaces/ECPublicKey.java (original)
+++ harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/interfaces/ECPublicKey.java Tue Apr 28 17:01:41 2009
@@ -15,28 +15,25 @@
  *  limitations under the License.
  */
 
-/**
-* @author Vera Y. Petrashkova
-* @version $Revision$
-*/
-
 package java.security.interfaces;
 
 import java.security.spec.ECPoint;
 import java.security.PublicKey;
 
 /**
- * @com.intel.drl.spec_ref
- * 
+ * The interface for an Elliptic Curve (EC) public key.
  */
 public interface ECPublicKey extends PublicKey, ECKey {
+
     /**
-     * @com.intel.drl.spec_ref
+     * The serial version identifier.
      */
     public static final long serialVersionUID = -3314988629879632826L;
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the public point {@code W} on an elliptic curve (EC).
+     * 
+     * @return the public point {@code W} on an elliptic curve (EC).
      */
     public ECPoint getW();
 }
\ No newline at end of file

Modified: harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/interfaces/RSAKey.java
URL: http://svn.apache.org/viewvc/harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/interfaces/RSAKey.java?rev=769463&r1=769462&r2=769463&view=diff
==============================================================================
--- harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/interfaces/RSAKey.java (original)
+++ harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/interfaces/RSAKey.java Tue Apr 28 17:01:41 2009
@@ -15,22 +15,19 @@
  *  limitations under the License.
  */
 
-/**
-* @author Vera Y. Petrashkova
-* @version $Revision$
-*/
-
 package java.security.interfaces;
 
 import java.math.BigInteger;
 
 /**
- * @com.intel.drl.spec_ref
- * 
+ * The base interface for PKCS#1 RSA public and private keys.
  */
 public interface RSAKey {
+
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the modulus.
+     * 
+     * @return the modulus.
      */
     public BigInteger getModulus();
 }
\ No newline at end of file

Modified: harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/interfaces/RSAMultiPrimePrivateCrtKey.java
URL: http://svn.apache.org/viewvc/harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/interfaces/RSAMultiPrimePrivateCrtKey.java?rev=769463&r1=769462&r2=769463&view=diff
==============================================================================
--- harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/interfaces/RSAMultiPrimePrivateCrtKey.java (original)
+++ harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/interfaces/RSAMultiPrimePrivateCrtKey.java Tue Apr 28 17:01:41 2009
@@ -15,58 +15,70 @@
  *  limitations under the License.
  */
 
-/**
-* @author Vera Y. Petrashkova
-* @version $Revision$
-*/
-
 package java.security.interfaces;
 
 import java.math.BigInteger;
 import java.security.spec.RSAOtherPrimeInfo;
 
 /**
- * @com.intel.drl.spec_ref
- * 
+ * The interface for a Multi-Prime RSA private key. Specified by <a
+ * href="http://www.rsa.com/rsalabs/node.asp?id=2125">PKCS #1 v2.0 Amendment 1:
+ * Multi-Prime RSA</a>.
  */
 public interface RSAMultiPrimePrivateCrtKey extends RSAPrivateKey {
+
     /**
-     * @com.intel.drl.spec_ref
+     * the serial version identifier.
      */
     public static final long serialVersionUID = 618058533534628008L;
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the CRT coefficient, {@code q^-1 mod p}.
+     * 
+     * @return the CRT coefficient.
      */
     public BigInteger getCrtCoefficient();
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the information for the additional primes.
+     * 
+     * @return the information for the additional primes, or {@code null} if
+     *         there are only the two primes ({@code p, q}),
      */
     public RSAOtherPrimeInfo[] getOtherPrimeInfo();
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the prime factor {@code p} of {@code n}.
+     * 
+     * @return the prime factor {@code p} of {@code n}.
      */
     public BigInteger getPrimeP();
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the prime factor {@code q} of {@code n}.
+     * 
+     * @return the prime factor {@code q} of {@code n}.
      */
     public BigInteger getPrimeQ();
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the CRT exponent of the prime {@code p}.
+     * 
+     * @return the CRT exponent of the prime {@code p}.
      */
     public BigInteger getPrimeExponentP();
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the CRT exponent of the prime {@code q}.
+     * 
+     * @return the CRT exponent of the prime {@code q}.
      */
     public BigInteger getPrimeExponentQ();
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the public exponent {@code e}.
+     * 
+     * @return the public exponent {@code e}.
      */
     public BigInteger getPublicExponent();
 }
\ No newline at end of file

Modified: harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/interfaces/RSAPrivateCrtKey.java
URL: http://svn.apache.org/viewvc/harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/interfaces/RSAPrivateCrtKey.java?rev=769463&r1=769462&r2=769463&view=diff
==============================================================================
--- harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/interfaces/RSAPrivateCrtKey.java (original)
+++ harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/interfaces/RSAPrivateCrtKey.java Tue Apr 28 17:01:41 2009
@@ -15,59 +15,59 @@
  *  limitations under the License.
  */
 
-/**
-* @author Vera Y. Petrashkova
-* @version $Revision$
-*/
-
 package java.security.interfaces;
 
 import java.math.BigInteger;
 
 /**
- * @com.intel.drl.spec_ref
- * 
+ * The interface for a PKCS#1 RSA private key using CRT information values.
  */
 public interface RSAPrivateCrtKey extends RSAPrivateKey {
 
     /**
-     * @com.intel.drl.spec_ref
+     * The serial version identifier.
      */
     public static final long serialVersionUID = -5682214253527700368L;
 
     /**
-     * @com.intel.drl.spec_ref
-     *  
+     * Returns the CRT coefficient, {@code q^-1 mod p}.
+     * 
+     * @return the CRT coefficient.
      */
     public BigInteger getCrtCoefficient();
 
     /**
-     * @com.intel.drl.spec_ref
-     *  
+     * Returns the prime factor {@code p} of {@code n}.
+     * 
+     * @return the prime factor {@code p} of {@code n}.
      */
     public BigInteger getPrimeP();
 
     /**
-     * @com.intel.drl.spec_ref
-     *  
+     * Returns the prime factor {@code q} of {@code n}.
+     * 
+     * @return the prime factor {@code q} of {@code n}.
      */
     public BigInteger getPrimeQ();
 
     /**
-     * @com.intel.drl.spec_ref
-     *  
+     * Returns the CRT exponent of the primet {@code p}.
+     * 
+     * @return the CRT exponent of the prime {@code p}.
      */
     public BigInteger getPrimeExponentP();
 
     /**
-     * @com.intel.drl.spec_ref
-     *  
+     * Returns the CRT exponent of the prime {@code q}.
+     * 
+     * @return the CRT exponent of the prime {@code q}.
      */
     public BigInteger getPrimeExponentQ();
 
     /**
-     * @com.intel.drl.spec_ref
-     *  
+     * Returns the public exponent {@code e}.
+     * 
+     * @return the public exponent {@code e}.
      */
     public BigInteger getPublicExponent();
 }
\ No newline at end of file

Modified: harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/interfaces/RSAPrivateKey.java
URL: http://svn.apache.org/viewvc/harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/interfaces/RSAPrivateKey.java?rev=769463&r1=769462&r2=769463&view=diff
==============================================================================
--- harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/interfaces/RSAPrivateKey.java (original)
+++ harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/interfaces/RSAPrivateKey.java Tue Apr 28 17:01:41 2009
@@ -15,29 +15,25 @@
  *  limitations under the License.
  */
 
-/**
-* @author Vera Y. Petrashkova
-* @version $Revision$
-*/
-
 package java.security.interfaces;
 
 import java.math.BigInteger;
 import java.security.PrivateKey;
 
 /**
- * @com.intel.drl.spec_ref
- * 
+ * The interface for an PKCS#1 RSA private key.
  */
 public interface RSAPrivateKey extends PrivateKey, RSAKey {
+
     /**
-     * @com.intel.drl.spec_ref
+     * The serial version identifier.
      */
     public static final long serialVersionUID = 5187144804936595022L;
 
     /**
-     * @com.intel.drl.spec_ref
-     *  
+     * Returns the private exponent {@code d}.
+     * 
+     * @return the private exponent {@code d}.
      */
     public BigInteger getPrivateExponent();
 }
\ No newline at end of file

Modified: harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/interfaces/RSAPublicKey.java
URL: http://svn.apache.org/viewvc/harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/interfaces/RSAPublicKey.java?rev=769463&r1=769462&r2=769463&view=diff
==============================================================================
--- harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/interfaces/RSAPublicKey.java (original)
+++ harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/interfaces/RSAPublicKey.java Tue Apr 28 17:01:41 2009
@@ -15,29 +15,25 @@
  *  limitations under the License.
  */
 
-/**
-* @author Vera Y. Petrashkova
-* @version $Revision$
-*/
-
 package java.security.interfaces;
 
 import java.math.BigInteger;
 import java.security.PublicKey;
 
 /**
- * @com.intel.drl.spec_ref
- * 
+ * The interface for a PKCS#1 RSA public key.
  */
 public interface RSAPublicKey extends PublicKey, RSAKey {
+
     /**
-     * @com.intel.drl.spec_ref
+     * The serial version identifier.
      */
     public static final long serialVersionUID = -8727434096241101194L;
 
     /**
-     * @com.intel.drl.spec_ref
-     *  
+     * Returns the public exponent {@code e}.
+     * 
+     * @return the public exponent {@code e}.
      */
     public BigInteger getPublicExponent();
 

Modified: harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/spec/AlgorithmParameterSpec.java
URL: http://svn.apache.org/viewvc/harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/spec/AlgorithmParameterSpec.java?rev=769463&r1=769462&r2=769463&view=diff
==============================================================================
--- harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/spec/AlgorithmParameterSpec.java (original)
+++ harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/spec/AlgorithmParameterSpec.java Tue Apr 28 17:01:41 2009
@@ -15,16 +15,11 @@
  *  limitations under the License.
  */
 
-/**
-* @author Vera Y. Petrashkova
-* @version $Revision$
-*/
-
 package java.security.spec;
 
 /**
- * @com.intel.drl.spec_ref
- * 
+ * The marker interface for algorithm parameter specifications. The purpose is
+ * to group parameter specifications for algorithms.
  */
 public interface AlgorithmParameterSpec {
 }
\ No newline at end of file

Modified: harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/spec/DSAParameterSpec.java
URL: http://svn.apache.org/viewvc/harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/spec/DSAParameterSpec.java?rev=769463&r1=769462&r2=769463&view=diff
==============================================================================
--- harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/spec/DSAParameterSpec.java (original)
+++ harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/spec/DSAParameterSpec.java Tue Apr 28 17:01:41 2009
@@ -15,19 +15,13 @@
  *  limitations under the License.
  */
 
-/**
-* @author Vladimir N. Molotkov
-* @version $Revision$
-*/
-
 package java.security.spec;
 
 import java.math.BigInteger;
 import java.security.interfaces.DSAParams;
 
 /**
- * @com.intel.drl.spec_ref
- * 
+ * The parameter specification used with the Digital Signature Algorithm (DSA). 
  */
 public class DSAParameterSpec implements AlgorithmParameterSpec, DSAParams {
     // Prime
@@ -38,7 +32,15 @@
     private final BigInteger g;
 
     /**
-     * @com.intel.drl.spec_ref
+     * Creates a new {@code DSAParameterSpec} with the specified prime {@code p},
+     * sub-prime {@code q} and the base {@code g}.
+     * 
+     * @param p
+     *            the prime {@code p}.
+     * @param q
+     *            the sub-prime {@code q}.
+     * @param g
+     *            the base {@code g};
      */
     public DSAParameterSpec(BigInteger p, BigInteger q, BigInteger g) {
         this.p = p;
@@ -47,21 +49,27 @@
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the base {@code g}.
+     * 
+     * @return the base {@code g}.
      */
     public BigInteger getG() {
         return g;
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the prime {@code p}.
+     * 
+     * @return the prime {@code p}.
      */
     public BigInteger getP() {
         return p;
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the sub-prime {@code q}.
+     * 
+     * @return the sub-prime {@code q}.
      */
     public BigInteger getQ() {
         return q;

Modified: harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/spec/DSAPrivateKeySpec.java
URL: http://svn.apache.org/viewvc/harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/spec/DSAPrivateKeySpec.java?rev=769463&r1=769462&r2=769463&view=diff
==============================================================================
--- harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/spec/DSAPrivateKeySpec.java (original)
+++ harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/spec/DSAPrivateKeySpec.java Tue Apr 28 17:01:41 2009
@@ -15,18 +15,12 @@
  *  limitations under the License.
  */
 
-/**
-* @author Vladimir N. Molotkov
-* @version $Revision$
-*/
-
 package java.security.spec;
 
 import java.math.BigInteger;
 
 /**
- * @com.intel.drl.spec_ref
- * 
+ * The parameters specifying a DSA private key.
  */
 public class DSAPrivateKeySpec implements KeySpec {
     // Private key
@@ -39,7 +33,17 @@
     private final BigInteger g;
 
     /**
-     * @com.intel.drl.spec_ref
+     * Creates a new {@code DSAPrivateKeySpec} with the specified private key,
+     * prime, sub-prime and base.
+     * 
+     * @param x
+     *            the private key {@code x}.
+     * @param p
+     *            the prime {@code p}.
+     * @param q
+     *            the sub-prime {@code q}.
+     * @param g
+     *            the base {@code g}.
      */
     public DSAPrivateKeySpec(BigInteger x, BigInteger p,
             BigInteger q, BigInteger g) {
@@ -50,28 +54,36 @@
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the base {@code g}.
+     * 
+     * @return the base {@code g}.
      */
     public BigInteger getG() {
         return g;
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the prime {@code p}.
+     * 
+     * @return the prime {@code p}.
      */
     public BigInteger getP() {
         return p;
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the sub-prime {@code q}.
+     * 
+     * @return the sub-prime {@code q}.
      */
     public BigInteger getQ() {
         return q;
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the private key {@code x}.
+     * 
+     * @return the private key {@code x}.
      */
     public BigInteger getX() {
         return x;

Modified: harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/spec/DSAPublicKeySpec.java
URL: http://svn.apache.org/viewvc/harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/spec/DSAPublicKeySpec.java?rev=769463&r1=769462&r2=769463&view=diff
==============================================================================
--- harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/spec/DSAPublicKeySpec.java (original)
+++ harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/spec/DSAPublicKeySpec.java Tue Apr 28 17:01:41 2009
@@ -15,18 +15,12 @@
  *  limitations under the License.
  */
 
-/**
-* @author Vladimir N. Molotkov
-* @version $Revision$
-*/
-
 package java.security.spec;
 
 import java.math.BigInteger;
 
 /**
- * @com.intel.drl.spec_ref
- * 
+ * The parameters specifying a DSA public key.
  */
 public class DSAPublicKeySpec implements KeySpec {
     // Public key
@@ -39,7 +33,17 @@
     private final BigInteger g;
 
     /**
-     * @com.intel.drl.spec_ref
+     * Creates a new {@code DSAPublicKeySpec} with the specified public key,
+     *  prime, sub-prime and base.
+     * 
+     * @param y
+     *            the public key value {@code y}.
+     * @param p
+     *            the prime {@code p}.
+     * @param q
+     *            the sub-prime {@code q}.
+     * @param g
+     *            the base {@code g}.
      */
     public DSAPublicKeySpec(BigInteger y, BigInteger p,
             BigInteger q, BigInteger g) {
@@ -50,28 +54,36 @@
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the base {@code g}.
+     * 
+     * @return the base {@code g}.
      */
     public BigInteger getG() {
         return g;
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the prime {@code p}.
+     * 
+     * @return the prime {@code p}.
      */
     public BigInteger getP() {
         return p;
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the sub-prime {@code q}.
+     * 
+     * @return the sub-prime {@code q}.
      */
     public BigInteger getQ() {
         return q;
     }
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the public key value {@code y}.
+     * 
+     * @return the public key value {@code y}.
      */
     public BigInteger getY() {
         return y;

Modified: harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/spec/ECField.java
URL: http://svn.apache.org/viewvc/harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/spec/ECField.java?rev=769463&r1=769462&r2=769463&view=diff
==============================================================================
--- harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/spec/ECField.java (original)
+++ harmony/enhanced/classlib/trunk/modules/security/src/main/java/common/java/security/spec/ECField.java Tue Apr 28 17:01:41 2009
@@ -15,21 +15,17 @@
  *  limitations under the License.
  */
 
-/**
-* @author Vladimir N. Molotkov
-* @version $Revision$
-*/
-
 package java.security.spec;
 
 /**
- * @com.intel.drl.spec_ref
- * 
+ * The base interface for a Finite Field of an Elliptic Curve. 
  */
 public interface ECField {
 
     /**
-     * @com.intel.drl.spec_ref
+     * Returns the size of the field (in bits).
+     * 
+     * @return the size of the field (in bits).
      */
     int getFieldSize();
 }



Mime
View raw message