jdk-sandbox: comparison jdk/src/java.base/share/classes/java/security/cert/X509CertSelector.java

equal deleted inserted replaced

-:580934a3052b
+:c182469301ee
 /*
-* Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
+* Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.  Oracle designates this
 * usually, since it is possible for two issuing CAs to have the same
 * distinguished name and each issue a certificate with the same serial
 * number. Other unique combinations include the issuer, subject,
 * subjectKeyIdentifier and/or the subjectPublicKey criteria.
 * <p>
-* Please refer to <a href="http://www.ietf.org/rfc/rfc3280.txt">RFC 3280:
+* Please refer to <a href="http://tools.ietf.org/html/rfc5280">RFC 5280:
 * Internet X.509 Public Key Infrastructure Certificate and CRL Profile</a> for
 * definitions of the X.509 certificate extensions mentioned below.
 * <p>
 * <b>Concurrent Access</b>
 * <p>
 * duplicate, it may be ignored.
 * <p>
 * The name is provided in string format.
 * <a href="http://www.ietf.org/rfc/rfc822.txt">RFC 822</a>, DNS, and URI
 * names use the well-established string formats for those types (subject to
-* the restrictions included in RFC 3280). IPv4 address names are
+* the restrictions included in RFC 5280). IPv4 address names are
 * supplied using dotted quad notation. OID address names are represented
 * as a series of nonnegative integers separated by periods. And
 * directory names (distinguished names) are supplied in RFC 2253 format.
 * No standard string format is defined for otherNames, X.400 names,
 * EDI party names, IPv6 address names, or any other type of names. They
 * This method should not be relied on as it can fail to match some
 * certificates because of a loss of encoding information in the RFC 2253
 * String form of some distinguished names.
 *
 * @param type the name type (0-8, as specified in
-*             RFC 3280, section 4.2.1.7)
+*             RFC 5280, section 4.2.1.6)
 * @param name the name in string form (not {@code null})
 * @throws IOException if a parsing error occurs
 */
 public void addSubjectAlternativeName(int type, String name)
 throws IOException {
 * subjectAlternativeNames criterion. If the specified name is a
 * duplicate, it may be ignored.
 * <p>
 * The name is provided as a byte array. This byte array should contain
 * the DER encoded name, as it would appear in the GeneralName structure
-* defined in RFC 3280 and X.509. The encoded byte array should only contain
+* defined in RFC 5280 and X.509. The encoded byte array should only contain
 * the encoded value of the name, and should not include the tag associated
 * with the name in the GeneralName structure. The ASN.1 definition of this
 * structure appears below.
 * <pre>{@code
 *  GeneralName ::= CHOICE {
 * A private method that adds a name (String or byte array) to the
 * subjectAlternativeNames criterion. The {@code X509Certificate}
 * must contain the specified subjectAlternativeName.
 *
 * @param type the name type (0-8, as specified in
-*             RFC 3280, section 4.2.1.7)
+*             RFC 5280, section 4.2.1.6)
 * @param name the name in string or byte array form
 * @throws IOException if a parsing error occurs
 */
 private void addSubjectAlternativeNameInternal(int type, Object name)
 throws IOException {
 * must have subject and subject alternative names that
 * meet the specified name constraints.
 * <p>
 * The name constraints are specified as a byte array. This byte array
 * should contain the DER encoded form of the name constraints, as they
-* would appear in the NameConstraints structure defined in RFC 3280
+* would appear in the NameConstraints structure defined in RFC 5280
 * and X.509. The ASN.1 definition of this structure appears below.
 *
 * <pre>{@code
 *  NameConstraints ::= SEQUENCE {
 *       permittedSubtrees       [0]     GeneralSubtrees OPTIONAL,
 * The specified name is added to any previous value for the
 * pathToNames criterion.  If the name is a duplicate, it may be ignored.
 * <p>
 * The name is provided in string format. RFC 822, DNS, and URI names
 * use the well-established string formats for those types (subject to
-* the restrictions included in RFC 3280). IPv4 address names are
+* the restrictions included in RFC 5280). IPv4 address names are
 * supplied using dotted quad notation. OID address names are represented
 * as a series of nonnegative integers separated by periods. And
 * directory names (distinguished names) are supplied in RFC 2253 format.
 * No standard string format is defined for otherNames, X.400 names,
 * EDI party names, IPv6 address names, or any other type of names. They
 * This method should not be relied on as it can fail to match some
 * certificates because of a loss of encoding information in the RFC 2253
 * String form of some distinguished names.
 *
 * @param type the name type (0-8, as specified in
-*             RFC 3280, section 4.2.1.7)
+*             RFC 5280, section 4.2.1.6)
 * @param name the name in string form
 * @throws IOException if a parsing error occurs
 */
 public void addPathToName(int type, String name) throws IOException {
 addPathToNameInternal(type, name);
 * The specified name is added to any previous value for the
 * pathToNames criterion. If the name is a duplicate, it may be ignored.
 * <p>
 * The name is provided as a byte array. This byte array should contain
 * the DER encoded name, as it would appear in the GeneralName structure
-* defined in RFC 3280 and X.509. The ASN.1 definition of this structure
+* defined in RFC 5280 and X.509. The ASN.1 definition of this structure
 * appears in the documentation for
 * {@link #addSubjectAlternativeName(int type, byte [] name)
 * addSubjectAlternativeName(int type, byte [] name)}.
 * <p>
 * Note that the byte array supplied here is cloned to protect against
 * subsequent modifications.
 *
 * @param type the name type (0-8, as specified in
-*             RFC 3280, section 4.2.1.7)
+*             RFC 5280, section 4.2.1.6)
 * @param name a byte array containing the name in ASN.1 DER encoded form
 * @throws IOException if a parsing error occurs
 */
 public void addPathToName(int type, byte [] name) throws IOException {
 // clone because byte arrays are modifiable
 * A private method that adds a name (String or byte array) to the
 * pathToNames criterion. The {@code X509Certificate} must contain
 * the specified pathToName.
 *
 * @param type the name type (0-8, as specified in
-*             RFC 3280, section 4.2.1.7)
+*             RFC 5280, section 4.2.1.6)
 * @param name the name in string or byte array form
 * @throws IOException if an encoding error occurs (incorrect form for DN)
 */
 private void addPathToNameInternal(int type, Object name)
 throws IOException {
 * must have subject and subject alternative names that
 * meet the specified name constraints.
 * <p>
 * The name constraints are returned as a byte array. This byte array
 * contains the DER encoded form of the name constraints, as they
-* would appear in the NameConstraints structure defined in RFC 3280
+* would appear in the NameConstraints structure defined in RFC 5280
 * and X.509. The ASN.1 notation for this structure is supplied in the
 * documentation for
 * {@link #setNameConstraints(byte [] bytes) setNameConstraints(byte [] bytes)}.
 * <p>
 * Note that the byte array returned is cloned to protect against

changeset 26967	c182469301ee
parent 25859	3317bb8137f4
child 29264	5172066a2da6