8029475: Fix more doclint issues in javax.security

Reviewed-by: juh

jdk/src/share/classes/javax/crypto/Cipher.java

@@ -62,17 +62,17 @@ import sun.security.jca.*;
  * algorithm (e.g., <i>DES</i>), and may be followed by a feedback mode and
  * padding scheme.
  *
- * <p> A transformation is of the form:<p>
+ * <p> A transformation is of the form:
  *
  * <ul>
  * <li>"<i>algorithm/mode/padding</i>" or
- * <p>
+ *
  * <li>"<i>algorithm</i>"
  * </ul>
  *
  * <P> (in the latter case,
  * provider-specific default values for the mode and padding scheme are used).
- * For example, the following is a valid transformation:<p>
+ * For example, the following is a valid transformation:
  *
  * <pre>
  *     Cipher c = Cipher.getInstance("<i>DES/CBC/PKCS5Padding</i>");

jdk/src/share/classes/javax/crypto/CipherSpi.java

@@ -62,17 +62,17 @@ import java.nio.ByteBuffer;
  * algorithm (e.g., <i>DES</i>), and may be followed by a feedback mode and
  * padding scheme.
  *
- * <p> A transformation is of the form:<p>
+ * <p> A transformation is of the form:
  *
  * <ul>
  * <li>"<i>algorithm/mode/padding</i>" or
- * <p>
+ *
  * <li>"<i>algorithm</i>"
  * </ul>
  *
  * <P> (in the latter case,
  * provider-specific default values for the mode and padding scheme are used).
- * For example, the following is a valid transformation:<p>
+ * For example, the following is a valid transformation:
  *
  * <pre>
  *     Cipher c = Cipher.getInstance("<i>DES/CBC/PKCS5Padding</i>");
@@ -129,7 +129,7 @@ import java.nio.ByteBuffer;
  * <i>DES/CBC/PKCS5Padding</i>, one that implements
  * <i>DES/CFB/PKCS5Padding</i>, and yet another one that implements
  * <i>DES/OFB/PKCS5Padding</i>. That provider would have the following
- * <code>Cipher</code> properties in its master class:<p>
+ * <code>Cipher</code> properties in its master class:
  *
  * <ul>
  *
@@ -160,7 +160,7 @@ import java.nio.ByteBuffer;
  * and one for <i>OFB</i>), one class for <i>PKCS5Padding</i>,
  * and a generic <i>DES</i> class that subclasses from <code>CipherSpi</code>.
  * That provider would have the following
- * <code>Cipher</code> properties in its master class:<p>
+ * <code>Cipher</code> properties in its master class:
  *
  * <ul>
  *
@@ -197,20 +197,20 @@ import java.nio.ByteBuffer;
  * Check if the provider has registered a subclass of <code>CipherSpi</code>
  * for the specified "<i>algorithm/mode/padding</i>" transformation.
  * <p>If the answer is YES, instantiate it.
- * <p>If the answer is NO, go to the next step.<p>
+ * <p>If the answer is NO, go to the next step.
  * <li>
  * Check if the provider has registered a subclass of <code>CipherSpi</code>
  * for the sub-transformation "<i>algorithm/mode</i>".
  * <p>If the answer is YES, instantiate it, and call
  * <code>engineSetPadding(<i>padding</i>)</code> on the new instance.
- * <p>If the answer is NO, go to the next step.<p>
+ * <p>If the answer is NO, go to the next step.
  * <li>
  * Check if the provider has registered a subclass of <code>CipherSpi</code>
  * for the sub-transformation "<i>algorithm//padding</i>" (note the double
  * slashes).
  * <p>If the answer is YES, instantiate it, and call
  * <code>engineSetMode(<i>mode</i>)</code> on the new instance.
- * <p>If the answer is NO, go to the next step.<p>
+ * <p>If the answer is NO, go to the next step.
  * <li>
  * Check if the provider has registered a subclass of <code>CipherSpi</code>
  * for the sub-transformation "<i>algorithm</i>".

jdk/src/share/classes/javax/crypto/KeyGenerator.java

@@ -66,7 +66,6 @@ import sun.security.jca.GetInstance.Instance;
  * algorithm-independent <code>init</code> methods, it is up to the
  * provider what to do about the algorithm-specific parameters (if any) to be
  * associated with each of the keys.
- * <p>
  *
  * <li><b>Algorithm-Specific Initialization</b>
  * <p>For situations where a set of algorithm-specific parameters already

jdk/src/share/classes/javax/crypto/SealedObject.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -50,7 +50,7 @@ import java.security.NoSuchProviderException;
  * to a SealedObject.
  *
  * <p> The original object that was sealed can be recovered in two different
- * ways: <p>
+ * ways:
  *
  * <ul>
  *
@@ -68,8 +68,6 @@ import java.security.NoSuchProviderException;
  * decryption key, it could hand over the cipher object to
  * another party who then unseals the sealed object.
  *
- * <p>
- *
  * <li>by using one of the
  * {@link #getObject(java.security.Key) getObject} methods
  * that take a <code>Key</code> object.

jdk/src/share/classes/javax/net/ssl/SSLEngine.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -329,7 +329,7 @@ import java.nio.ReadOnlyBufferException;
  * is saved.  All future delegated tasks will be processed using this
  * context:  that is, all access control decisions will be made using the
  * context captured at engine creation.
- * <P>
+ *
  * <HR>
  *
  * <B>Concurrency Notes</B>:
@@ -345,7 +345,7 @@ import java.nio.ReadOnlyBufferException;
  *      out-of-order, unexpected or fatal results may occur.
  * <P>
  *      For example:
- * <P>
+ *
  *      <pre>
  *              synchronized (outboundLock) {
  *                  sslEngine.wrap(src, dst);

jdk/src/share/classes/javax/net/ssl/SSLPermission.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -43,7 +43,6 @@ import java.security.*;
  * The following table lists all the possible SSLPermission target names,
  * and for each provides a description of what the permission allows
  * and a discussion of the risks of granting code the permission.
- * <P>
  *
  * <table border=1 cellpadding=5
  *  summary="permission name, what it allows, and associated risks">

jdk/src/share/classes/javax/security/auth/PrivateCredentialPermission.java

@@ -228,8 +228,8 @@ public final class PrivateCredentialPermission extends Permission {
      * <p>
      *
      * This method returns true if:
-     * <p><ul>
-     * <li> <i>p</i> is an instanceof PrivateCredentialPermission and <p>
+     * <ul>
+     * <li> <i>p</i> is an instanceof PrivateCredentialPermission and
      * <li> the target name for <i>p</i> is implied by this object's
      *          target name.  For example:
      * <pre>

jdk/src/share/classes/javax/security/auth/kerberos/DelegationPermission.java

@@ -48,14 +48,14 @@ import java.io.IOException;
  * <p>
  * For example, to specify the "host" service use of a forwardable TGT the
  * target permission is specified as follows:
- * <p>
+ *
  * <pre>
  *  DelegationPermission("\"host/foo.example.com@EXAMPLE.COM\" \"krbtgt/EXAMPLE.COM@EXAMPLE.COM\"");
  * </pre>
  * <p>
  * To give the "backup" service a proxiable nfs service ticket the target permission
  * might be specified:
- * <p>
+ *
  * <pre>
  *  DelegationPermission("\"backup/bar.example.com@EXAMPLE.COM\" \"nfs/home.EXAMPLE.COM@EXAMPLE.COM\"");
  * </pre>

jdk/src/share/classes/javax/security/auth/kerberos/ServicePermission.java

@@ -62,7 +62,7 @@ import java.io.IOException;
  * Authentication Service exchange.
  * <p>
  * The possible actions are:
- * <p>
+ *
  * <pre>
  *    initiate -              allow the caller to use the credential to
  *                            initiate a security context with a service
@@ -75,7 +75,7 @@ import java.io.IOException;
  *
  * For example, to specify the permission to access to the TGT to
  * initiate a security context the permission is constructed as follows:
- * <p>
+ *
  * <pre>
  *     ServicePermission("krbtgt/EXAMPLE.COM@EXAMPLE.COM", "initiate");
  * </pre>
@@ -89,7 +89,7 @@ import java.io.IOException;
  * For a Kerberized server the action is "accept". For example, the permission
  * necessary to access and use the secret key of the  Kerberized "host"
  * service (telnet and the likes)  would be constructed as follows:
- * <p>
+ *
  * <pre>
  *     ServicePermission("host/foo.example.com@EXAMPLE.COM", "accept");
  * </pre>

jdk/src/share/classes/javax/security/auth/login/LoginContext.java

@@ -101,11 +101,11 @@ import sun.security.util.ResourcesMgr;
  * <li> If the constructor has a Subject
  * input parameter, the LoginContext uses the caller-specified
  * Subject object.
- * <p>
+ *
  * <li> If the caller specifies a {@code null} Subject
  * and a {@code null} value is permitted,
  * the LoginContext instantiates a new Subject.
- * <p>
+ *
  * <li> If the constructor does <b>not</b> have a Subject
  * input parameter, the LoginContext instantiates a new Subject.
  * <p>
@@ -132,7 +132,7 @@ import sun.security.util.ResourcesMgr;
  * {@code getAppConfigurationEntry} with the name, "<i>other</i>"
  * (the default entry name).  If there is no entry for "<i>other</i>",
  * then a {@code LoginException} is thrown.
- * <p>
+ *
  * <li> When LoginContext uses the installed Configuration, the caller
  * requires the createLoginContext.<em>name</em> and possibly
  * createLoginContext.other AuthPermissions. Furthermore, the
@@ -141,7 +141,7 @@ import sun.security.util.ResourcesMgr;
  * perform security-sensitive tasks (such as connecting to remote hosts,
  * and updating the Subject) will require the respective permissions, but
  * the callers of the LoginContext will not require those permissions.
- * <p>
+ *
  * <li> When LoginContext uses a caller-specified Configuration, the caller
  * does not require any createLoginContext AuthPermission.  The LoginContext
  * saves the {@code AccessControlContext} for the caller,
@@ -158,7 +158,7 @@ import sun.security.util.ResourcesMgr;
  * <li> If the constructor has a CallbackHandler
  * input parameter, the LoginContext uses the caller-specified
  * CallbackHandler object.
- * <p>
+ *
  * <li> If the constructor does <b>not</b> have a CallbackHandler
  * input parameter, or if the caller specifies a {@code null}
  * CallbackHandler object (and a {@code null} value is permitted),
@@ -171,7 +171,7 @@ import sun.security.util.ResourcesMgr;
  * with users.  The caller thus assumes that the configured
  * modules have alternative means for authenticating the user.
  *
- * <p>
+ *
  * <li> When the LoginContext uses the installed Configuration (instead of
  * a caller-specified Configuration, see above),
  * then this LoginContext must wrap any

jdk/src/share/classes/javax/security/auth/x500/X500Principal.java

@@ -314,7 +314,7 @@ public final class X500Principal implements Principal, java.io.Serializable {
      * this method returns an RFC 2253 conformant string representation
      * with the following additional canonicalizations:
      *
-     * <p><ol>
+     * <ol>
      * <li> Leading zeros are removed from attribute types
      *          that are encoded as dotted decimal OIDs
      * <li> DirectoryString attribute values of type