8132130: some docs cleanup

Summary: some docs cleanup
Reviewed-by: andrew

src/share/classes/com/sun/crypto/provider/BlowfishCipher.java

@@ -82,7 +82,7 @@ public final class BlowfishCipher extends CipherSpi {
     /**
      * Sets the padding mechanism of this cipher.
      *
-     * @param padding the padding mechanism
+     * @param paddingScheme the padding mechanism
      *
      * @exception NoSuchPaddingException if the requested padding mechanism
      * does not exist

src/share/classes/com/sun/crypto/provider/DESCipher.java

@@ -77,7 +77,7 @@ public final class DESCipher extends CipherSpi {
     /**
      * Sets the padding mechanism of this cipher.
      *
-     * @param padding the padding mechanism
+     * @param paddingScheme the padding mechanism
      *
      * @exception NoSuchPaddingException if the requested padding mechanism
      * does not exist

src/share/classes/com/sun/crypto/provider/DESedeCipher.java

@@ -74,7 +74,7 @@ public final class DESedeCipher extends CipherSpi {
     /**
      * Sets the padding mechanism of this cipher.
      *
-     * @param padding the padding mechanism
+     * @param paddingScheme the padding mechanism
      *
      * @exception NoSuchPaddingException if the requested padding mechanism
      * does not exist

src/share/classes/com/sun/crypto/provider/DESedeWrapCipher.java

@@ -32,7 +32,7 @@ import javax.crypto.spec.*;
 
 /**
  * This class implements the CMS DESede KeyWrap algorithm as defined
- * in <a href=http://www.w3.org/TR/xmlenc-core/#sec-Alg-SymmetricKeyWrap>
+ * in <a href=http://www.w3.org/TR/xmlenc-core/#sec-Alg-SymmetricKeyWrap></a>
  * "XML Encryption Syntax and Processing" section 5.6.2
  * "CMS Triple DES Key Wrap".
  * Note: only <code>CBC</code> mode and <code>NoPadding</code> padding
@@ -159,9 +159,8 @@ public final class DESedeWrapCipher extends CipherSpi {
     /**
      * Initializes this cipher with a key and a source of randomness.
      *
-     * <p>The cipher only supports the following two operation modes:<b>
-     * Cipher.WRAP_MODE, and <b>
-     * Cipher.UNWRAP_MODE.
+     * <p>The cipher only supports the following two operation modes:
+     * {@code Cipher.WRAP_MODE}, and {@code Cipher.UNWRAP_MODE}.
      * <p>For modes other than the above two, UnsupportedOperationException
      * will be thrown.
      * <p>If this cipher requires an initialization vector (IV), it will get
@@ -192,9 +191,8 @@ public final class DESedeWrapCipher extends CipherSpi {
      * Initializes this cipher with a key, a set of algorithm parameters,
      * and a source of randomness.
      *
-     * <p>The cipher only supports the following two operation modes:<b>
-     * Cipher.WRAP_MODE, and <b>
-     * Cipher.UNWRAP_MODE.
+     * <p>The cipher only supports the following two operation modes:
+     * {@code Cipher.WRAP_MODE}, and {@code Cipher.UNWRAP_MODE}.
      * <p>For modes other than the above two, UnsupportedOperationException
      * will be thrown.
      * <p>If this cipher requires an initialization vector (IV), it will get
@@ -252,9 +250,8 @@ public final class DESedeWrapCipher extends CipherSpi {
      * Initializes this cipher with a key, a set of algorithm parameters,
      * and a source of randomness.
      *
-     * <p>The cipher only supports the following two operation modes:<b>
-     * Cipher.WRAP_MODE, and <b>
-     * Cipher.UNWRAP_MODE.
+     * <p>The cipher only supports the following two operation modes:
+     * {@code Cipher.WRAP_MODE}, and {@code Cipher.UNWRAP_MODE}.
      * <p>For modes other than the above two, UnsupportedOperationException
      * will be thrown.
      * <p>If this cipher requires an initialization vector (IV), it will get
@@ -360,15 +357,15 @@ public final class DESedeWrapCipher extends CipherSpi {
      * current Cipher.engineInit(...) implementation,
      * IllegalStateException will always be thrown upon invocation.
      *
-     * @param in the input buffer.
-     * @param inOffset the offset in <code>in</code> where the input
+     * @param input the input buffer.
+     * @param inputOffset the offset in {@code input} where the input
      * starts.
-     * @param inLen the input length.
-     * @param out the buffer for the result.
-     * @param outOffset the ofset in <code>out</code> where the result
+     * @param inputLen the input length.
+     * @param output the buffer for the result.
+     * @param outputOffset the ofset in {@code output} where the result
      * is stored.
      *
-     * @return the number of bytes stored in <code>out</code>.
+     * @return the number of bytes stored in {@code out}.
      *
      * @exception IllegalStateException upon invocation of this method.
      */

src/share/classes/com/sun/crypto/provider/DHKeyPairGenerator.java

@@ -118,7 +118,7 @@ public final class DHKeyPairGenerator extends KeyPairGeneratorSpi {
      * generator, and optionally the requested size in bits of the random
      * exponent (private value).
      *
-     * @param params the parameter set used to generate the key pair
+     * @param algParams the parameter set used to generate the key pair
      * @param random the source of randomness
      *
      * @exception InvalidAlgorithmParameterException if the given parameters

src/share/classes/com/sun/crypto/provider/DHParameterGenerator.java

@@ -92,7 +92,7 @@ public final class DHParameterGenerator extends AlgorithmParameterGeneratorSpi {
      * generation values, which specify the size of the prime modulus and
      * the size of the random exponent, both in bits.
      *
-     * @param params the set of parameter generation values
+     * @param genParamSpec the set of parameter generation values
      * @param random the source of randomness
      *
      * @exception InvalidAlgorithmParameterException if the given parameter

src/share/classes/com/sun/crypto/provider/PBEWithMD5AndDESCipher.java

@@ -80,7 +80,7 @@ public final class PBEWithMD5AndDESCipher extends CipherSpi {
      * Sets the padding mechanism of this cipher. This algorithm only uses
      * PKCS #5 padding.
      *
-     * @param padding the padding mechanism
+     * @param paddingScheme the padding mechanism
      *
      * @exception NoSuchPaddingException if the requested padding mechanism
      * is invalid

src/share/classes/com/sun/crypto/provider/PBEWithMD5AndTripleDESCipher.java

@@ -92,7 +92,7 @@ public final class PBEWithMD5AndTripleDESCipher extends CipherSpi {
      * Sets the padding mechanism of this cipher. This algorithm only uses
      * PKCS #5 padding.
      *
-     * @param padding the padding mechanism
+     * @param paddingScheme the padding mechanism
      *
      * @exception NoSuchPaddingException if the requested padding mechanism
      * is invalid

src/share/classes/com/sun/crypto/provider/PBKDF2HmacSHA1Factory.java

@@ -75,7 +75,7 @@ public final class PBKDF2HmacSHA1Factory extends SecretKeyFactorySpi {
      *
      * @param key the key
      *
-     * @param keySpec the requested format in which the key material shall be
+     * @param keySpecCl the requested format in which the key material shall be
      * returned
      *
      * @return the underlying key specification (key material) in the

src/share/classes/com/sun/security/sasl/digest/FactoryImpl.java

@@ -60,7 +60,7 @@ SaslServerFactory{
      *
      * @throws SaslException If there is an error creating the DigestMD5
      * SASL client.
-     * @returns a new SaslClient ; otherwise null if unsuccessful.
+     * @return a new SaslClient; otherwise null if unsuccessful.
      */
     public SaslClient createSaslClient(String[] mechs,
          String authorizationId, String protocol, String serverName,
@@ -90,7 +90,7 @@ SaslServerFactory{
      *
      * @throws SaslException If there is an error creating the DigestMD5
      * SASL server.
-     * @returns a new SaslServer ; otherwise null if unsuccessful.
+     * @return a new SaslServer; otherwise null if unsuccessful.
      */
     public SaslServer createSaslServer(String mech,
          String protocol, String serverName, Map<String,?> props, CallbackHandler cbh)
@@ -114,7 +114,7 @@ SaslServerFactory{
     /**
       * Returns the authentication mechanisms that this factory can produce.
       *
-      * @returns String[] {"DigestMD5"} if policies in env match those of this
+      * @return String[] {"DigestMD5"} if policies in env match those of this
       * factory.
       */
     public String[] getMechanismNames(Map<String,?> env) {

src/share/classes/com/sun/security/sasl/ntlm/FactoryImpl.java

@@ -57,7 +57,7 @@ SaslServerFactory{
     /**
      * Returns a new instance of the NTLM SASL client mechanism.
      * Argument checks are performed in SaslClient's constructor.
-     * @returns a new SaslClient ; otherwise null if unsuccessful.
+     * @return a new SaslClient; otherwise null if unsuccessful.
      * @throws SaslException If there is an error creating the NTLM
      * SASL client.
      */
@@ -86,7 +86,7 @@ SaslServerFactory{
     /**
      * Returns a new instance of the NTLM SASL server mechanism.
      * Argument checks are performed in SaslServer's constructor.
-     * @returns a new SaslServer ; otherwise null if unsuccessful.
+     * @return a new SaslServer; otherwise null if unsuccessful.
      * @throws SaslException If there is an error creating the NTLM
      * SASL server.
      */
@@ -116,7 +116,7 @@ SaslServerFactory{
     /**
       * Returns the authentication mechanisms that this factory can produce.
       *
-      * @returns String[] {"NTLM"} if policies in env match those of this
+      * @return String[] {"NTLM"} if policies in env match those of this
       * factory.
       */
     public String[] getMechanismNames(Map<String,?> env) {

src/share/classes/org/jcp/xml/dsig/internal/dom/DOMCryptoBinary.java

@@ -41,12 +41,12 @@ import com.sun.org.apache.xml.internal.security.utils.Base64;
  * as defined in the W3C specification for XML-Signature Syntax and Processing.
  * The XML Schema Definition is defined as:
  *
- * <xmp>
+ * <pre>{@code
  * <simpleType name="CryptoBinary">
  *   <restriction base = "base64Binary">
  *   </restriction>
  * </simpleType>
- * </xmp>
+ * }</pre>
  *
  * @author Sean Mullan
  */

src/share/classes/org/jcp/xml/dsig/internal/dom/DOMPGPData.java

@@ -57,7 +57,7 @@ public final class DOMPGPData extends DOMStructure implements PGPData {
      * and optional list of external elements.
      *
      * @param keyPacket a PGP Key Material Packet as defined in section 5.5 of
-     *    <a href="http://www.ietf.org/rfc/rfc2440.txt"/>RFC 2440</a>. The
+     *    <a href="http://www.ietf.org/rfc/rfc2440.txt">RFC 2440</a>. The
      *    array is cloned to prevent subsequent modification.
      * @param other a list of {@link XMLStructure}s representing elements from
      *    an external namespace. The list is defensively copied to prevent
@@ -95,10 +95,10 @@ public final class DOMPGPData extends DOMStructure implements PGPData {
      * optional key packet and list of external elements.
      *
      * @param keyId a PGP public key id as defined in section 11.2 of
-     *    <a href="http://www.ietf.org/rfc/rfc2440.txt"/>RFC 2440</a>. The
+     *    <a href="http://www.ietf.org/rfc/rfc2440.txt">RFC 2440</a>. The
      *    array is cloned to prevent subsequent modification.
      * @param keyPacket a PGP Key Material Packet as defined in section 5.5 of
-     *    <a href="http://www.ietf.org/rfc/rfc2440.txt"/>RFC 2440</a> (may
+     *    <a href="http://www.ietf.org/rfc/rfc2440.txt">RFC 2440</a> (may
      *    be <code>null</code>). The array is cloned to prevent subsequent
      *    modification.
      * @param other a list of {@link XMLStructure}s representing elements from

src/share/classes/org/jcp/xml/dsig/internal/dom/DOMReference.java

@@ -112,7 +112,6 @@ public final class DOMReference extends DOMStructure
      *    is defensively copied to protect against subsequent modification.
      *    May be <code>null</code> or empty.
      * @param id the reference ID (may be <code>null</code>)
-     * @return a <code>Reference</code>
      * @throws NullPointerException if <code>dm</code> is <code>null</code>
      * @throws ClassCastException if any of the <code>transforms</code> are
      *    not of type <code>Transform</code>

src/share/classes/org/jcp/xml/dsig/internal/dom/DOMSignatureProperties.java

@@ -58,7 +58,6 @@ public final class DOMSignatureProperties extends DOMStructure
      * @param properties a list of one or more {@link SignatureProperty}s. The
      *    list is defensively copied to protect against subsequent modification.
      * @param id the Id (may be <code>null</code>)
-     * @return a <code>DOMSignatureProperties</code>
      * @throws ClassCastException if <code>properties</code> contains any
      *    entries that are not of type {@link SignatureProperty}
      * @throws IllegalArgumentException if <code>properties</code> is empty

src/share/classes/org/jcp/xml/dsig/internal/dom/DOMSignatureProperty.java

@@ -59,7 +59,6 @@ public final class DOMSignatureProperty extends DOMStructure
      *    is defensively copied to protect against subsequent modification.
      * @param target the target URI
      * @param id the Id (may be <code>null</code>)
-     * @return a <code>SignatureProperty</code>
      * @throws ClassCastException if <code>content</code> contains any
      *    entries that are not of type {@link XMLStructure}
      * @throws IllegalArgumentException if <code>content</code> is empty

src/share/classes/org/jcp/xml/dsig/internal/dom/DOMTransform.java

@@ -53,7 +53,7 @@ public class DOMTransform extends DOMStructure implements Transform {
     protected TransformService spi;
 
     /**
-     * Creates a <code>DOMTransform</code>.
+     * Creates a {@code DOMTransform}.
      *
      * @param spi the TransformService
      */
@@ -62,7 +62,7 @@ public class DOMTransform extends DOMStructure implements Transform {
     }
 
     /**
-     * Creates a <code>DOMTransform</code> from an element. This constructor
+     * Creates a {@code DOMTransform} from an element. This constructor
      * invokes the abstract {@link #unmarshalParams unmarshalParams} method to
      * unmarshal any algorithm-specific input parameters.
      *
@@ -138,10 +138,10 @@ public class DOMTransform extends DOMStructure implements Transform {
      * Transforms the specified data using the underlying transform algorithm.
      *
      * @param data the data to be transformed
-     * @param sc the <code>XMLCryptoContext</code> containing
-     *    additional context (may be <code>null</code> if not applicable)
+     * @param xc the {@code XMLCryptoContext} containing
+     *     additional context (may be {@code null} if not applicable)
      * @return the transformed data
-     * @throws NullPointerException if <code>data</code> is <code>null</code>
+     * @throws NullPointerException if {@code data} is {@code null}
      * @throws XMLSignatureException if an unexpected error occurs while
      *     executing the transform
      */
@@ -155,12 +155,12 @@ public class DOMTransform extends DOMStructure implements Transform {
      * Transforms the specified data using the underlying transform algorithm.
      *
      * @param data the data to be transformed
-     * @param sc the <code>XMLCryptoContext</code> containing
-     *    additional context (may be <code>null</code> if not applicable)
-     * @param os the <code>OutputStream</code> that should be used to write
+     * @param xc the {@code XMLCryptoContext} containing
+     *     additional context (may be {@code null} if not applicable)
+     * @param os the {@code OutputStream} that should be used to write
      *     the transformed data to
      * @return the transformed data
-     * @throws NullPointerException if <code>data</code> is <code>null</code>
+     * @throws NullPointerException if {@code data} is {@code null}
      * @throws XMLSignatureException if an unexpected error occurs while
      *     executing the transform
      */
@@ -201,16 +201,16 @@ public class DOMTransform extends DOMStructure implements Transform {
     /**
      * Transforms the specified data using the underlying transform algorithm.
      * This method invokes the {@link #marshal marshal} method and passes it
-     * the specified <code>DOMSignContext</code> before transforming the data.
+     * the specified {@code DOMSignContext} before transforming the data.
      *
      * @param data the data to be transformed
-     * @param sc the <code>XMLCryptoContext</code> containing
-     *    additional context (may be <code>null</code> if not applicable)
+     * @param sc the {@code XMLCryptoContext} containing
+     *    additional context (may be {@code null} if not applicable)
      * @param context the marshalling context
      * @return the transformed data
      * @throws MarshalException if an exception occurs while marshalling
-     * @throws NullPointerException if <code>data</code> or <code>context</code>
-     *    is <code>null</code>
+     * @throws NullPointerException if {@code data} or {@code context}
+     *    is {@code null}
      * @throws XMLSignatureException if an unexpected error occurs while
      *    executing the transform
      */

src/share/classes/org/jcp/xml/dsig/internal/dom/DOMX509Data.java

@@ -65,7 +65,6 @@ public final class DOMX509Data extends DOMStructure implements X509Data {
      *    or {@link javax.xml.dsig.XMLStructure} ({@link X509IssuerSerial}
      *    objects or elements from an external namespace). The list is
      *    defensively copied to protect against subsequent modification.
-     * @return a <code>X509Data</code>
      * @throws NullPointerException if <code>content</code> is <code>null</code>
      * @throws IllegalArgumentException if <code>content</code> is empty
      * @throws ClassCastException if <code>content</code> contains any entries

src/share/classes/org/jcp/xml/dsig/internal/dom/DOMXMLObject.java

@@ -63,7 +63,6 @@ public final class DOMXMLObject extends DOMStructure implements XMLObject {
      * @param id the Id (may be <code>null</code>)
      * @param mimeType the mime type (may be <code>null</code>)
      * @param encoding the encoding (may be <code>null</code>)
-     * @return an <code>XMLObject</code>
      * @throws ClassCastException if <code>content</code> contains any
      *    entries that are not of type {@link XMLStructure}
      */

src/share/classes/sun/security/jgss/GSSCredentialImpl.java

@@ -535,8 +535,8 @@ public class GSSCredentialImpl implements ExtendedGSSCredential {
     /**
      * Returns the specified mechanism's credential-element.
      *
-     * @param mechOid - the oid for mechanism to retrieve
-     * @param throwExcep - boolean indicating if the function is
+     * @param mechOid the oid for mechanism to retrieve
+     * @param initiate boolean indicating if the function is
      *    to throw exception or return null when element is not
      *    found.
      * @return mechanism credential object

src/share/classes/sun/security/jgss/GSSToken.java

@@ -84,7 +84,7 @@ public abstract class GSSToken {
      *
      * @param data the array containing the bytes of the integer value
      * @param pos the offset in the array
-     * @size the number of bytes to read from the array.
+     * @param size the number of bytes to read from the array.
      * @return the integer value
      */
     public static final int readLittleEndian(byte[] data, int pos, int size) {
@@ -141,7 +141,7 @@ public abstract class GSSToken {
      * Reads a two byte integer value from an InputStream.
      *
      * @param is the InputStream to read from
-     * @returns the integer value
+     * @return the integer value
      * @throws IOException if some errors occurs while reading the integer
      * bytes.
      */
@@ -155,7 +155,7 @@ public abstract class GSSToken {
      *
      * @param src the byte arra to read from
      * @param pos the offset to start reading from
-     * @returns the integer value
+     * @return the integer value
      */
     public static final int readInt(byte[] src, int pos) {
         return ((0xFF & src[pos])<<8 | (0xFF & src[pos+1]));
@@ -167,7 +167,7 @@ public abstract class GSSToken {
      *
      * @param is the InputStream to read from
      * @param buffer the buffer to store the bytes into
-     * @param throws EOFException if EOF is reached before all bytes are
+     * @throws EOFException if EOF is reached before all bytes are
      *         read.
      * @throws IOException is an error occurs while reading
      */
@@ -184,7 +184,7 @@ public abstract class GSSToken {
      * @param buffer the buffer to store the bytes into
      * @param offset the offset to start storing at
      * @param len the number of bytes to read
-     * @param throws EOFException if EOF is reached before all bytes are
+     * @throws EOFException if EOF is reached before all bytes are
      *         read.
      * @throws IOException is an error occurs while reading
      */

src/share/classes/sun/security/jgss/LoginConfigImpl.java

@@ -59,7 +59,7 @@ public class LoginConfigImpl extends Configuration {
      * A new instance of LoginConfigImpl must be created for each login request
      * since it's only used by a single (caller, mech) pair
      * @param caller defined in GSSUtil as CALLER_XXX final fields
-     * @param oid defined in GSSUtil as XXX_MECH_OID final fields
+     * @param mech defined in GSSUtil as XXX_MECH_OID final fields
      */
     public LoginConfigImpl(GSSCaller caller, Oid mech) {
 

src/share/classes/sun/security/jgss/ProviderList.java

@@ -46,7 +46,7 @@ import sun.security.action.GetPropertyAction;
  * queries this class whenever it needs a mechanism's factory.<p>
  *
  * This class stores an ordered list of pairs of the form
- * <provider, oid>. When it attempts to instantiate a mechanism
+ * {@code <provider, oid>}. When it attempts to instantiate a mechanism
  * defined by oid o, it steps through the list looking for an entry
  * with oid=o, or with oid=null. (An entry with oid=null matches all
  * mechanisms.) When it finds such an entry, the corresponding
@@ -74,12 +74,12 @@ import sun.security.action.GetPropertyAction;
  * the system ones don't suffice.<p>
  *
  * If a mechanism's factory is being obtained from a provider as a
- * result of encountering a entryof the form <provider, oid> where
+ * result of encountering a entryof the form {@code <provider, oid>} where
  * oid is non-null, then the assumption is that the application added
  * this entry and it wants this mechanism to be obtained from this
  * provider. Thus is the provider does not actually contain the
  * requested mechanism, an exception will be thrown. However, if the
- * entry were of the form <provider, null>, then it is viewed more
+ * entry were of the form {@code <provider, null>}, then it is viewed more
  * liberally and is simply skipped over if the provider does not claim to
  * support the requested mechanism.
  */

src/share/classes/sun/security/jgss/krb5/Krb5NameElement.java

@@ -214,7 +214,7 @@ public class Krb5NameElement
      * return false.
      *
      * @param other to be compared with
-     * @returns true if they both refer to the same entity, else false
+     * @return true if they both refer to the same entity, else false
      * @exception GSSException with major codes of BAD_NAMETYPE,
      *  BAD_NAME, FAILURE
      */
@@ -239,7 +239,7 @@ public class Krb5NameElement
      * situation where an error occurs.
      *
      * @param another the object to be compared to
-     * @returns true if they both refer to the same entity, else false
+     * @return true if they both refer to the same entity, else false
      * @see #equals(GSSNameSpi)
      */
     public boolean equals(Object another) {

src/share/classes/sun/security/jgss/spi/GSSContextSpi.java

@@ -52,14 +52,14 @@ import com.sun.security.jgss.*;
  * and the context flags before the context is fully established. The
  * isProtReady method is used to indicate that these services are
  * available.
- *<p>
+ * <p>
  * <strong>
  * Context establishment tokens are defined in a mechanism independent
  * format in section 3.1 of RFC 2743. The GSS-Framework will add
  * and remove the mechanism independent header portion of this token format
  * depending on whether a token is received or is being sent. The mechanism
- * should only generate or expect to read the inner-context token portion..
- * <p>
+ * should only generate or expect to read the inner-context token portion.
+ * <br>
  * On the other hands, tokens used for per-message calls are generated
  * entirely by the mechanism. It is possible that the mechanism chooses to
  * encase inner-level per-message tokens in a header similar to that used
@@ -240,7 +240,7 @@ public interface GSSContextSpi {
      *    asked to provide.
      * @param confReq a flag indicating whether confidentiality will be
      *    requested or not
-     * @param outputSize the maximum size of the output token
+     * @param maxTokSize the maximum size of the output token
      * @return the maximum size for the input message that can be
      *    provided to the wrap() method in order to guarantee that these
      *    requirements are met.
@@ -255,7 +255,7 @@ public interface GSSContextSpi {
      * @param is the user-provided message to be protected
      * @param os the token to be sent to the peer. It includes
      *    the message from <i>is</i> with the requested protection.
-     * @param msgPro on input it contains the requested qop and
+     * @param msgProp on input it contains the requested qop and
      *    confidentiality state, on output, the applied values
      * @exception GSSException may be thrown
      * @see unwrap
@@ -366,7 +366,7 @@ public interface GSSContextSpi {
      *
      * @param is token generated by getMIC
      * @param msgStr the message to check integrity for
-     * @param msgProp will contain the applied QOP and confidentiality
+     * @param mProp will contain the applied QOP and confidentiality
      *    states of the token as well as any informatory status codes
      * @exception GSSException may be thrown
      */

src/share/classes/sun/security/jgss/spi/GSSNameSpi.java

@@ -46,7 +46,7 @@ public interface GSSNameSpi {
      * return false.
      *
      * @param name to be compared with
-     * @returns true if they both refer to the same entity, else false
+     * @return true if they both refer to the same entity, else false
      * @exception GSSException with major codes of BAD_NAMETYPE,
      *    BAD_NAME, FAILURE
      */
@@ -60,7 +60,7 @@ public interface GSSNameSpi {
      * situation where an error occurs.
      *
      * @param another the object to be compared to
-     * @returns true if they both refer to the same entity, else false
+     * @return true if they both refer to the same entity, else false
      * @see #equals(GSSNameSpi)
      */
     public boolean equals(Object another);

src/share/classes/sun/security/jgss/spi/MechanismFactory.java

@@ -147,7 +147,7 @@ public interface MechanismFactory {
      * <p>
      * An exported name will generally be passed in using this method.
      *
-     * @param nameBytes the bytes describing this entity to the mechanism
+     * @param name the bytes describing this entity to the mechanism
      * @param nameType an Oid serving as a clue as to how the mechanism should
      * interpret the nameStr
      * @throws GSSException if any of the errors described in RFC 2743 for

src/share/classes/sun/security/krb5/Checksum.java

@@ -133,8 +133,8 @@ public class Checksum {
      * own calculating and verification rules. It does has the same
      * ASN.1 encoding though.
      *
-     * @data the byte array of checksum.
-     * @new_cksumType the type of checksum.
+     * @param data the byte array of checksum.
+     * @param new_cksumType the type of checksum.
      */
     public Checksum(byte[] data, int new_cksumType) {
         cksumType = new_cksumType;
@@ -235,12 +235,12 @@ public class Checksum {
 
     /**
      * Encodes a Checksum object.
-     * <xmp>
+     * <pre>{@code
      * Checksum    ::= SEQUENCE {
      *         cksumtype   [0] Int32,
      *         checksum    [1] OCTET STRING
      * }
-     * </xmp>
+     * }</pre>
      *
      * <p>
      * This definition reflects the Network Working Group RFC 4120

src/share/classes/sun/security/krb5/Config.java

@@ -361,7 +361,7 @@ public class Config {
      *
      * @param s the string duration
      * @return time in seconds
-     * @throw KrbException if format is illegal
+     * @throws KrbException if format is illegal
      */
     public static int duration(String s) throws KrbException {
 
@@ -423,7 +423,7 @@ public class Config {
      * @param keys the keys
      * @return the int value, Integer.MIN_VALUE is returned if it cannot be
      * found or the value is not a legal integer.
-     * @throw IllegalArgumentException if any of the keys is illegal
+     * @throws IllegalArgumentException if any of the keys is illegal
      * @see #get(java.lang.String[])
      */
     public int getIntValue(String... keys) {

src/share/classes/sun/security/krb5/Credentials.java

@@ -313,7 +313,7 @@ public class Credentials {
      * @param ticketCache the path to the tickets file. A value
      * of null will be accepted to indicate that the default
      * path should be searched
-     * @returns the TGT credentials or null if none were found. If the tgt
+     * @return the TGT credentials or null if none were found. If the tgt
      * expired, it is the responsibility of the caller to determine this.
      */
     public static Credentials acquireTGTFromCache(PrincipalName princ,

src/share/classes/sun/security/krb5/EncryptedData.java

@@ -259,20 +259,20 @@ public class EncryptedData implements Cloneable {
     /**
      * Returns an ASN.1 encoded EncryptedData type.
      *
-     * <xmp>
+     * <pre>{@code
      * EncryptedData   ::= SEQUENCE {
      *     etype   [0] Int32 -- EncryptionType --,
      *     kvno    [1] UInt32 OPTIONAL,
      *     cipher  [2] OCTET STRING -- ciphertext
      * }
-     * </xmp>
+     * }</pre>
      *
      * <p>
      * This definition reflects the Network Working Group RFC 4120
      * specification available at
      * <a href="http://www.ietf.org/rfc/rfc4120.txt">
      * http://www.ietf.org/rfc/rfc4120.txt</a>.
-     * <p>
+     *
      * @return byte array of encoded EncryptedData object.
      * @exception Asn1Exception if an error occurs while decoding an
      * ASN1 encoded data.

src/share/classes/sun/security/krb5/EncryptionKey.java

@@ -101,11 +101,11 @@ public class EncryptionKey
      * Obtains all versions of the secret key of the principal from a
      * keytab.
      *
-     * @Param princ the principal whose secret key is desired
+     * @param princ the principal whose secret key is desired
      * @param keytab the path to the keytab file. A value of null
      * will be accepted to indicate that the default path should be
      * searched.
-     * @returns an array of secret keys or null if none were found.
+     * @return an array of secret keys or null if none were found.
      */
     public static EncryptionKey[] acquireSecretKeys(PrincipalName princ,
                                                     String keytab) {
@@ -127,7 +127,7 @@ public class EncryptionKey
      * @param password NOT null
      * @param etype
      * @param snp can be NULL
-     * @returns never null
+     * @return never null
      */
     public static EncryptionKey acquireSecretKey(PrincipalName cname,
             char[] password, int etype, PAData.SaltAndParams snp)
@@ -150,7 +150,7 @@ public class EncryptionKey
      * @param salt NOT null
      * @param etype
      * @param s2kparams can be NULL
-     * @returns never null
+     * @return never null
      */
     public static EncryptionKey acquireSecretKey(char[] password,
             String salt, int etype, byte[] s2kparams)
@@ -381,11 +381,11 @@ public class EncryptionKey
     /**
      * Returns the ASN.1 encoding of this EncryptionKey.
      *
-     * <xmp>
+     * <pre>{@code
      * EncryptionKey ::=   SEQUENCE {
      *                             keytype[0]    INTEGER,
      *                             keyvalue[1]   OCTET STRING }
-     * </xmp>
+     * }</pre>
      *
      * <p>
      * This definition reflects the Network Working Group RFC 4120

src/share/classes/sun/security/krb5/KrbAsReqBuilder.java

@@ -112,7 +112,7 @@ public final class KrbAsReqBuilder {
      * realm, where default realm will be used. This realm will be the target
      * realm for AS-REQ. I believe a client should only get initial TGT from
      * its own realm.
-     * @param keys must not be null. if empty, might be quite useless.
+     * @param ktab must not be null. If empty, might be quite useless.
      * This argument will neither be modified nor stored by the method.
      * @throws KrbException
      */

src/share/classes/sun/security/krb5/PrincipalName.java

@@ -45,14 +45,14 @@ import sun.security.krb5.internal.util.KerberosString;
 
 /**
  * Implements the ASN.1 PrincipalName type and its realm in a single class.
- * <xmp>
+ * <pre>{@code
  *    Realm           ::= KerberosString
  *
  *    PrincipalName   ::= SEQUENCE {
  *            name-type       [0] Int32,
  *            name-string     [1] SEQUENCE OF KerberosString
  *    }
- * </xmp>
+ * }</pre>
  * This class is immutable.
  * @see Realm
  */
@@ -219,14 +219,14 @@ public class PrincipalName implements Cloneable {
 
     /**
      * Returns the ASN.1 encoding of the
-     * <xmp>
+     * <pre>{@code
      * PrincipalName    ::= SEQUENCE {
      *          name-type       [0] Int32,
      *          name-string     [1] SEQUENCE OF KerberosString
      * }
      *
      * KerberosString   ::= GeneralString (IA5String)
-     * </xmp>
+     * }</pre>
      *
      * <p>
      * This definition reflects the Network Working Group RFC 4120
@@ -657,7 +657,8 @@ public class PrincipalName implements Cloneable {
      * name, the second component is returned.
      * Null is returned if there are not two or more
      * components in the name.
-     * @returns instance component of a multi-component name.
+     *
+     * @return instance component of a multi-component name.
      */
     public String getInstanceComponent()
     {

src/share/classes/sun/security/krb5/Realm.java

@@ -41,9 +41,8 @@ import sun.security.krb5.internal.util.KerberosString;
 /**
  * Implements the ASN.1 Realm type.
  *
- * <xmp>
- * Realm ::= GeneralString
- * </xmp>
+ * {@code Realm ::= GeneralString}
+ *
  * This class is immutable.
  */
 public class Realm implements Cloneable {

src/share/classes/sun/security/krb5/internal/APOptions.java

@@ -38,17 +38,17 @@ import java.io.IOException;
 /**
  * Implements the ASN.1 APOptions type.
  *
- * <xmp>
+ * <pre>{@code
  * APOptions    ::= KerberosFlags
  *      -- reserved(0),
  *      -- use-session-key(1),
  *      -- mutual-required(2)
- * </xmp>
  *
  * KerberosFlags   ::= BIT STRING (SIZE (32..MAX))
  *              -- minimum number of bits shall be sent,
  *              -- but no fewer than 32
  *
+ * }</pre>
  * <p>
  * This definition reflects the Network Working Group RFC4120
  * specification available at

src/share/classes/sun/security/krb5/internal/APRep.java

@@ -39,13 +39,13 @@ import java.math.BigInteger;
 /**
  * Implements the ASN.1 AP-REP type.
  *
- * <xmp>
+ * <pre>{@code
  * AP-REP          ::= [APPLICATION 15] SEQUENCE {
  *         pvno            [0] INTEGER (5),
  *         msg-type        [1] INTEGER (15),
  *         enc-part        [2] EncryptedData -- EncAPRepPart
  * }
- * </xmp>
+ * }</pre>
  *
  * <p>
  * This definition reflects the Network Working Group RFC 4120

src/share/classes/sun/security/krb5/internal/APReq.java

@@ -38,7 +38,7 @@ import java.math.BigInteger;
 /**
  * Implements the ASN.1 AP-REQ type.
  *
- * <xmp>
+ * <pre>{@code
  * AP-REQ               ::= [APPLICATION 14] SEQUENCE {
  *      pvno            [0] INTEGER (5),
  *      msg-type        [1] INTEGER (14),
@@ -46,7 +46,7 @@ import java.math.BigInteger;
  *      ticket          [3] Ticket,
  *      authenticator   [4] EncryptedData -- Authenticator
  * }
- * </xmp>
+ * }</pre>
  *
  * <p>
  * This definition reflects the Network Working Group RFC 4120

src/share/classes/sun/security/krb5/internal/Authenticator.java

@@ -38,7 +38,7 @@ import java.math.BigInteger;
 /**
  * Implements the ASN.1 Authenticator type.
  *
- * <xmp>
+ * <pre>{@code
  * Authenticator   ::= [APPLICATION 2] SEQUENCE  {
  *         authenticator-vno       [0] INTEGER (5),
  *         crealm                  [1] Realm,
@@ -50,7 +50,7 @@ import java.math.BigInteger;
  *         seq-number              [7] UInt32 OPTIONAL,
  *         authorization-data      [8] AuthorizationData OPTIONAL
  * }
- * </xmp>
+ * }</pre>
  *
  * <p>
  * This definition reflects the Network Working Group RFC 4120

src/share/classes/sun/security/krb5/internal/EncAPRepPart.java

@@ -39,14 +39,14 @@ import java.math.BigInteger;
 /**
  * Implements the ASN.1 EncAPRepPart type.
  *
- * <xmp>
+ * <pre>{@code
  * EncAPRepPart ::= [APPLICATION 27] SEQUENCE {
  *      ctime           [0] KerberosTime,
  *      cusec           [1] Microseconds,
  *      subkey          [2] EncryptionKey OPTIONAL,
  *      seq-number      [3] UInt32 OPTIONAL
  * }
- * </xmp>
+ * }</pre>
  *
  * <p>
  * This definition reflects the Network Working Group RFC 4120

src/share/classes/sun/security/krb5/internal/EncKDCRepPart.java

@@ -39,7 +39,7 @@ import java.math.BigInteger;
 /**
  * Implements the ASN.1 EncKDCRepPart type.
  *
- * <xmp>
+ * <pre>{@code
  * EncKDCRepPart          ::= SEQUENCE {
  *      key               [0] EncryptionKey,
  *      last-req          [1] LastReq,
@@ -55,7 +55,7 @@ import java.math.BigInteger;
  *      caddr             [11] HostAddresses OPTIONAL,
  *      encrypted-pa-data [12] SEQUENCE OF PA-DATA OPTIONAL
  * }
- * </xmp>
+ * }</pre>
  *
  * <p>
  * This definition reflects the Network Working Group RFC 4120

src/share/classes/sun/security/krb5/internal/EncKrbCredPart.java

@@ -40,7 +40,7 @@ import java.math.BigInteger;
 /**
  * Implements the ASN.1 EncKrbCredPart type.
  *
- * <xmp>
+ * <pre>{@code
  * EncKrbCredPart  ::= [APPLICATION 29] SEQUENCE {
  *         ticket-info     [0] SEQUENCE OF KrbCredInfo,
  *         nonce           [1] UInt32 OPTIONAL,
@@ -49,7 +49,7 @@ import java.math.BigInteger;
  *         s-address       [4] HostAddress OPTIONAL,
  *         r-address       [5] HostAddress OPTIONAL
  *   }
- * </xmp>
+ * }</pre>
  *
  * <p>
  * This definition reflects the Network Working Group RFC 4120

src/share/classes/sun/security/krb5/internal/EncKrbPrivPart.java

@@ -38,7 +38,7 @@ import java.math.BigInteger;
 /**
  * Implements the ASN.1 EncKrbPrivPart type.
  *
- * <xmp>
+ * <pre>{@code
  * EncKrbPrivPart  ::= [APPLICATION 28] SEQUENCE {
  *         user-data       [0] OCTET STRING,
  *         timestamp       [1] KerberosTime OPTIONAL,
@@ -47,7 +47,7 @@ import java.math.BigInteger;
  *         s-address       [4] HostAddress -- sender's addr --,
  *         r-address       [5] HostAddress OPTIONAL -- recip's addr
  * }
- * </xmp>
+ * }</pre>
  *
  * <p>
  * This definition reflects the Network Working Group RFC 4120

src/share/classes/sun/security/krb5/internal/EncTicketPart.java

@@ -39,7 +39,7 @@ import java.io.*;
 /**
  * Implements the ASN.1 EncTicketPart type.
  *
- * <xmp>
+ * <pre>{@code
  * EncTicketPart   ::= [APPLICATION 3] SEQUENCE {
  *         flags                   [0] TicketFlags,
  *         key                     [1] EncryptionKey,
@@ -53,7 +53,7 @@ import java.io.*;
  *         caddr                   [9] HostAddresses OPTIONAL,
  *         authorization-data      [10] AuthorizationData OPTIONAL
  * }
- * </xmp>
+ * }</pre>
  *
  * <p>
  * This definition reflects the Network Working Group RFC 4120

src/share/classes/sun/security/krb5/internal/HostAddress.java

@@ -44,12 +44,12 @@ import java.util.Arrays;
 /**
  * Implements the ASN.1 HostAddress type.
  *
- * <xmp>
+ * <pre>{@code
  * HostAddress     ::= SEQUENCE  {
  *         addr-type       [0] Int32,
  *         address         [1] OCTET STRING
  * }
- * </xmp>
+ * }</pre>
  *
  * <p>
  * This definition reflects the Network Working Group RFC 4120
@@ -132,7 +132,7 @@ public class HostAddress implements Cloneable {
     /**
      * Gets the InetAddress of this HostAddress.
      * @return the IP address for this specified host.
-     * @exception if no IP address for the host could be found.
+     * @exception UnknownHostException if no IP address for the host could be found.
      *
      */
     public InetAddress getInetAddress() throws UnknownHostException {

src/share/classes/sun/security/krb5/internal/HostAddresses.java

@@ -45,7 +45,7 @@ import sun.security.krb5.internal.ccache.CCacheOutputStream;
 /**
  * Implements the ASN.1 HostAddresses type.
  *
- * <xmp>
+ * <pre>{@code
  * HostAddresses   -- NOTE: subtly different from rfc1510,
  *                 -- but has a value mapping and encodes the same
  *         ::= SEQUENCE OF HostAddress
@@ -54,7 +54,7 @@ import sun.security.krb5.internal.ccache.CCacheOutputStream;
  *         addr-type       [0] Int32,
  *         address         [1] OCTET STRING
  * }
- * </xmp>
+ * }</pre>
  *
  * <p>
  * This definition reflects the Network Working Group RFC 4120

src/share/classes/sun/security/krb5/internal/KDCOptions.java

@@ -40,7 +40,7 @@ import java.io.IOException;
 /**
  * Implements the ASN.1 KDCOptions type.
  *
- * <xmp>
+ * <pre>{@code
  * KDCOptions   ::= KerberosFlags
  *      -- reserved(0),
  *      -- forwardable(1),
@@ -69,7 +69,7 @@ import java.io.IOException;
  *                      -- minimum number of bits shall be sent,
  *                      -- but no fewer than 32
  *
- * </xmp>
+ * }</pre>
  *
  * <p>
  * This definition reflects the Network Working Group RFC 4120
@@ -115,7 +115,7 @@ import java.io.IOException;
  * in the addresses field of the request.
  * <li>FORWARDED, PROXY, ENC_TKT_IN_SKEY, RENEW, VALIDATE are used only in
  * subsequent requests.
- * </ol><p>
+ * </ol>
  */
 
 public class KDCOptions extends KerberosFlags {

src/share/classes/sun/security/krb5/internal/KDCRep.java

@@ -38,7 +38,7 @@ import java.math.BigInteger;
 /**
  * Implements the ASN.1 KDC-REP type.
  *
- * <xmp>
+ * <pre>{@code
  * KDC-REP         ::= SEQUENCE {
  *         pvno            [0] INTEGER (5),
  *         msg-type        [1] INTEGER (11 -- AS -- | 13 -- TGS --),
@@ -51,7 +51,7 @@ import java.math.BigInteger;
  *                                   -- EncASRepPart or EncTGSRepPart,
  *                                   -- as appropriate
  * }
- * </xmp>
+ * }</pre>
  *
  * <p>
  * This definition reflects the Network Working Group RFC 4120

src/share/classes/sun/security/krb5/internal/KDCReq.java

@@ -39,7 +39,7 @@ import java.math.BigInteger;
 /**
  * Implements the ASN.1 KRB_KDC_REQ type.
  *
- * <xmp>
+ * <pre>{@code
  * KDC-REQ              ::= SEQUENCE {
  *      -- NOTE: first tag is [1], not [0]
  *      pvno            [1] INTEGER (5) ,
@@ -48,7 +48,7 @@ import java.math.BigInteger;
  *                            -- NOTE: not empty --,
  *      req-body        [4] KDC-REQ-BODY
  * }
- * </xmp>
+ * }</pre>
  *
  * <p>
  * This definition reflects the Network Working Group RFC 4120
@@ -95,7 +95,7 @@ public class KDCReq {
      * @param req_type a encoded asn1 type value.
      * @exception Asn1Exception if an error occurs while decoding an ASN1 encoded data.
      * @exception IOException if an I/O error occurs while reading encoded data.
-     * @exceptoin KrbErrException
+     * @exception KrbErrException
      */
     public KDCReq(DerValue der, int req_type) throws Asn1Exception,
             IOException, KrbException {

src/share/classes/sun/security/krb5/internal/KDCReqBody.java

@@ -39,7 +39,7 @@ import java.math.BigInteger;
 /**
  * Implements the ASN.1 KDC-REQ-BODY type.
  *
- * <xmp>
+ * <pre>{@code
  * KDC-REQ-BODY ::= SEQUENCE {
  *      kdc-options             [0] KDCOptions,
  *      cname                   [1] PrincipalName OPTIONAL
@@ -60,7 +60,7 @@ import java.math.BigInteger;
  *      additional-tickets      [11] SEQUENCE OF Ticket OPTIONAL
  *                                       -- NOTE: not empty
  * }
- * </xmp>
+ * }</pre>
  *
  * <p>
  * This definition reflects the Network Working Group RFC 4120

src/share/classes/sun/security/krb5/internal/KRBCred.java

@@ -41,14 +41,14 @@ import java.math.BigInteger;
 /**
  * Implements the ASN.1 Authenticator type.
  *
- * <xmp>
+ * <pre>{@code
  * KRB-CRED     ::= [APPLICATION 22] SEQUENCE {
  *      pvno            [0] INTEGER (5),
  *      msg-type        [1] INTEGER (22),
  *      tickets         [2] SEQUENCE OF Ticket,
  *      enc-part        [3] EncryptedData -- EncKrbCredPart
  * }
- * </xmp>
+ * }</pre>
  *
  * <p>
  * This definition reflects the Network Working Group RFC 4120

src/share/classes/sun/security/krb5/internal/KRBError.java

@@ -48,7 +48,7 @@ import sun.security.krb5.internal.util.KerberosString;
 /**
  * Implements the ASN.1 KRBError type.
  *
- * <xmp>
+ * <pre>{@code
  * KRB-ERROR       ::= [APPLICATION 30] SEQUENCE {
  *         pvno            [0] INTEGER (5),
  *         msg-type        [1] INTEGER (30),
@@ -71,7 +71,7 @@ import sun.security.krb5.internal.util.KerberosString;
  *         data-type       [0] Int32,
  *         data-value      [1] OCTET STRING OPTIONAL
  * }
- * </xmp>
+ * }</pre>
  *
  * <p>
  * This definition reflects the Network Working Group RFC 4120

src/share/classes/sun/security/krb5/internal/KRBPriv.java

@@ -39,14 +39,14 @@ import java.math.BigInteger;
 /**
  * Implements the ASN.1 KRB-PRIV type.
  *
- * <xmp>
+ * <pre>{@code
  * KRB-PRIV        ::= [APPLICATION 21] SEQUENCE {
  *         pvno            [0] INTEGER (5),
  *         msg-type        [1] INTEGER (21),
  *                           -- NOTE: there is no [2] tag
  *         enc-part        [3] EncryptedData -- EncKrbPrivPart
  * }
- * </xmp>
+ * }</pre>
  *
  * <p>
  * This definition reflects the Network Working Group RFC 4120

src/share/classes/sun/security/krb5/internal/KRBSafe.java

@@ -40,14 +40,14 @@ import java.math.BigInteger;
 /**
  * Implements the ASN.1 KRBSafe type.
  *
- * <xmp>
+ * <pre>{@code
  * KRB-SAFE        ::= [APPLICATION 20] SEQUENCE {
  *         pvno            [0] INTEGER (5),
  *         msg-type        [1] INTEGER (20),
  *         safe-body       [2] KRB-SAFE-BODY,
  *         cksum           [3] Checksum
  * }
- * </xmp>
+ * }</pre>
  *
  * <p>
  * This definition reflects the Network Working Group RFC 4120

src/share/classes/sun/security/krb5/internal/KRBSafeBody.java

@@ -39,7 +39,7 @@ import java.math.BigInteger;
 /**
  * Implements the ASN.1 KRBSafeBody type.
  *
- * <xmp>
+ * <pre>{@code
  * KRB-SAFE-BODY   ::= SEQUENCE {
  *         user-data       [0] OCTET STRING,
  *         timestamp       [1] KerberosTime OPTIONAL,
@@ -48,7 +48,7 @@ import java.math.BigInteger;
  *         s-address       [4] HostAddress,
  *         r-address       [5] HostAddress OPTIONAL
  * }
- * </xmp>
+ * }</pre>
  *
  * <p>
  * This definition reflects the Network Working Group RFC 4120

src/share/classes/sun/security/krb5/internal/KerberosTime.java

@@ -46,9 +46,7 @@ import java.util.TimeZone;
 /**
  * Implements the ASN.1 KerberosTime type. This is an immutable class.
  *
- * <xmp>
- * KerberosTime    ::= GeneralizedTime -- with no fractional seconds
- * </xmp>
+ * {@code KerberosTime ::= GeneralizedTime} -- with no fractional seconds
  *
  * The timestamps used in Kerberos are encoded as GeneralizedTimes. A
  * KerberosTime value shall not include any fractional portions of the

src/share/classes/sun/security/krb5/internal/KrbCredInfo.java

@@ -38,7 +38,7 @@ import java.io.IOException;
 /**
  * Implements the ASN.1 KrbCredInfo type.
  *
- * <xmp>
+ * <pre>{@code
  * KrbCredInfo  ::= SEQUENCE {
  *      key             [0] EncryptionKey,
  *      prealm          [1] Realm OPTIONAL,
@@ -52,7 +52,7 @@ import java.io.IOException;
  *      sname           [9] PrincipalName OPTIONAL,
  *      caddr           [10] HostAddresses OPTIONAL
  * }
- * </xmp>
+ * }</pre>
  *
  * <p>
  * This definition reflects the Network Working Group RFC 4120

src/share/classes/sun/security/krb5/internal/LastReq.java

@@ -38,12 +38,12 @@ import java.io.IOException;
 /**
  * Implements the ASN.1 LastReq type.
  *
- * <xmp>
+ * <pre>{@code
  * LastReq         ::=     SEQUENCE OF SEQUENCE {
  *         lr-type         [0] Int32,
  *         lr-value        [1] KerberosTime
  * }
- * </xmp>
+ * }</pre>
  *
  * <p>
  * This definition reflects the Network Working Group RFC 4120

src/share/classes/sun/security/krb5/internal/LoginOptions.java

@@ -36,7 +36,7 @@ import java.io.IOException;
 /**
  * Implements the ASN.1 KDCOptions type.
  *
- * <xmp>
+ * <pre>{@code
  * KDCOptions   ::= KerberosFlags
  *      -- reserved(0),
  *      -- forwardable(1),
@@ -64,7 +64,7 @@ import java.io.IOException;
  * KerberosFlags ::= BIT STRING (SIZE (32..MAX))
  *                   -- minimum number of bits shall be sent,
  *                   -- but no fewer than 32
- * </xmp>
+ * }</pre>
  *
  * <p>
  * This definition reflects the Network Working Group RFC 4120

src/share/classes/sun/security/krb5/internal/MethodData.java

@@ -38,12 +38,12 @@ import java.math.BigInteger;
 /**
  * Implements the ASN.1 EncKrbPrivPart type.
  *
- * <xmp>
+ * <pre>{@code
  *     METHOD-DATA ::=    SEQUENCE {
  *                        method-type[0]   INTEGER,
  *                        method-data[1]   OCTET STRING OPTIONAL
  *  }
- * </xmp>
+ * }</pre>
  */
 public class MethodData {
     private int methodType;

src/share/classes/sun/security/krb5/internal/PAData.java

@@ -43,13 +43,13 @@ import sun.security.krb5.internal.util.KerberosString;
 /**
  * Implements the ASN.1 PA-DATA type.
  *
- * <xmp>
+ * <pre>{@code
  * PA-DATA         ::= SEQUENCE {
  *         -- NOTE: first tag is [1], not [0]
  *         padata-type     [1] Int32,
  *         padata-value    [2] OCTET STRING -- might be encoded AP-REQ
  * }
- * </xmp>
+ * }</pre>
  *
  * <p>
  * This definition reflects the Network Working Group RFC 4120
@@ -179,11 +179,14 @@ public class PAData {
 
     /**
      * Gets the preferred etype from the PAData array.
-     * 1. ETYPE-INFO2-ENTRY with unknown s2kparams ignored
-     * 2. ETYPE-INFO2 preferred to ETYPE-INFO
-     * 3. multiple entries for same etype in one PA-DATA, use the first one.
-     * 4. Multiple PA-DATA with same type, choose the last one
+     * <ol>
+     * <li>ETYPE-INFO2-ENTRY with unknown s2kparams ignored</li>
+     * <li>ETYPE-INFO2 preferred to ETYPE-INFO</li>
+     * <li>Multiple entries for same etype in one PA-DATA, use the first one.</li>
+     * <li>Multiple PA-DATA with same type, choose the last one.</li>
+     * </ol>
      * (This is useful when PA-DATAs from KRB-ERROR and AS-REP are combined).
+     *
      * @return the etype, or defaultEType if not enough info
      * @throws Asn1Exception|IOException if there is an encoding error
      */

src/share/classes/sun/security/krb5/internal/PAEncTSEnc.java

@@ -38,12 +38,12 @@ import java.math.BigInteger;
 /**
  * Implements the ASN.1 PAEncTSEnc type.
  *
- * <xmp>
+ * <pre>{@code
  * PA-ENC-TS-ENC                ::= SEQUENCE {
  *      patimestamp     [0] KerberosTime -- client's time --,
  *      pausec          [1] Microseconds OPTIONAL
  * }
- * </xmp>
+ * }</pre>
  *
  * <p>
  * This definition reflects the Network Working Group RFC 4120

src/share/classes/sun/security/krb5/internal/PAForUserEnc.java

@@ -36,7 +36,7 @@ import sun.security.util.DerValue;
 /**
  * Implements the ASN.1 PA-FOR-USER type.
  *
- * <xmp>
+ * <pre>{@code
  * padata-type  ::= PA-FOR-USER
  *                  -- value 129
  * padata-value ::= EncryptedData
@@ -47,7 +47,7 @@ import sun.security.util.DerValue;
  *     cksum[2] Checksum,
  *     auth-package[3] KerberosString
  * }
- * </xmp>
+ * }</pre>
  *
  * <p>
  * This definition reflects MS-SFU.

src/share/classes/sun/security/krb5/internal/Ticket.java

@@ -42,14 +42,14 @@ import java.math.BigInteger;
 /**
  * Implements the ASN.1 Ticket type.
  *
- * <xmp>
+ * <pre>{@code
  * Ticket               ::= [APPLICATION 1] SEQUENCE {
  *      tkt-vno         [0] INTEGER (5),
  *      realm           [1] Realm,
  *      sname           [2] PrincipalName,
  *      enc-part        [3] EncryptedData -- EncTicketPart
  * }
- * </xmp>
+ * }</pre>
  *
  * <p>
  * This definition reflects the Network Working Group RFC 4120

src/share/classes/sun/security/krb5/internal/TransitedEncoding.java

@@ -38,12 +38,12 @@ import java.math.BigInteger;
 /**
  * Implements the ASN.1 TransitedEncoding type.
  *
- * <xmp>
+ * <pre>{@code
  *  TransitedEncoding      ::= SEQUENCE {
  *         tr-type         [0] Int32 -- must be registered --,
  *         contents        [1] OCTET STRING
  *  }
- * </xmp>
+ * }</pre>
  *
  * <p>
  * This definition reflects the Network Working Group RFC 4120

src/share/classes/sun/security/krb5/internal/crypto/Des.java

@@ -226,7 +226,7 @@ public final class Des {
 
     /**
      * Generates DES key from the password.
-     * @param password a char[] used to create the key.
+     * @param passwdChars a char[] used to create the key.
      * @return DES key.
      *
      * @modified by Yanni Zhang, Dec 6, 99

src/share/classes/sun/security/krb5/internal/crypto/DesMacCksumType.java

@@ -121,7 +121,7 @@ public class DesMacCksumType extends CksumType {
      * @param data the data.
      * @param size the length of data.
      * @param key the key used to encrypt the checksum.
-     * @param checksum
+     * @param checksum the checksum.
      * @return true if verification is successful.
      *
      * @modified by Yanni Zhang, 12/08/99.

src/share/classes/sun/security/krb5/internal/crypto/HmacMd5ArcFourCksumType.java

@@ -89,7 +89,7 @@ public class HmacMd5ArcFourCksumType extends CksumType {
      * @param data the data.
      * @param size the length of data.
      * @param key the key used to encrypt the checksum.
-     * @param checksum
+     * @param checksum the checksum.
      * @return true if verification is successful.
      */
     public boolean verifyChecksum(byte[] data, int size,

src/share/classes/sun/security/krb5/internal/crypto/HmacSha1Aes128CksumType.java

@@ -89,7 +89,7 @@ public class HmacSha1Aes128CksumType extends CksumType {
      * @param data the data.
      * @param size the length of data.
      * @param key the key used to encrypt the checksum.
-     * @param checksum
+     * @param checksum the checksum.
      * @return true if verification is successful.
      */
     public boolean verifyChecksum(byte[] data, int size,

src/share/classes/sun/security/krb5/internal/crypto/HmacSha1Aes256CksumType.java

@@ -89,7 +89,7 @@ public class HmacSha1Aes256CksumType extends CksumType {
      * @param data the data.
      * @param size the length of data.
      * @param key the key used to encrypt the checksum.
-     * @param checksum
+     * @param checksum the checksum.
      * @return true if verification is successful.
      */
     public boolean verifyChecksum(byte[] data, int size,

src/share/classes/sun/security/krb5/internal/crypto/HmacSha1Des3KdCksumType.java

@@ -83,7 +83,7 @@ public class HmacSha1Des3KdCksumType extends CksumType {
      * @param data the data.
      * @param size the length of data.
      * @param key the key used to encrypt the checksum.
-     * @param checksum
+     * @param checksum the checksum.
      * @return true if verification is successful.
      */
     public boolean verifyChecksum(byte[] data, int size,

src/share/classes/sun/security/krb5/internal/crypto/RsaMd5DesCksumType.java

@@ -116,7 +116,7 @@ public final class RsaMd5DesCksumType extends CksumType {
      * @param data the data.
      * @param size the length of data.
      * @param key the key used to encrypt the checksum.
-     * @param checksum
+     * @param checksum the checksum.
      * @return true if verification is successful.
      *
      * @modified by Yanni Zhang, 12/08/99.

src/share/classes/sun/security/krb5/internal/ktab/KeyTab.java

@@ -513,7 +513,7 @@ public class KeyTab implements KeyTabConstants {
     /**
      * Creates key table file version.
      * @param file the key table file.
-     * @exception IOException.
+     * @exception IOException
      */
     public synchronized void createVersion(File file) throws IOException {
         try (KeyTabOutputStream kos =

src/share/classes/sun/security/krb5/internal/rcache/AuthList.java

@@ -45,7 +45,7 @@ import sun.security.krb5.internal.KrbApErrException;
  * self-cleanup of expired items in the cache.
  *
  * AuthTimeWithHash objects inside a cache are always sorted from big (new) to
- * small (old) as determined by {@see AuthTimeWithHash#compareTo}. In the most
+ * small (old) as determined by {@link AuthTimeWithHash#compareTo}. In the most
  * common case a newcomer should be newer than the first element.
  *
  * @author Yanni Zhang

src/share/classes/sun/security/pkcs11/wrapper/CK_CREATEMUTEX.java

@@ -50,17 +50,16 @@ package sun.security.pkcs11.wrapper;
 
 
 /**
- * interface CK_CREATEMUTEX.<p>
+ * interface CK_CREATEMUTEX.
  *
- * @author Karl Scheibelhofer <Karl.Scheibelhofer@iaik.at>
- * @author Martin Schlaeffer <schlaeff@sbox.tugraz.at>
+ * @author Karl Scheibelhofer &lt;Karl.Scheibelhofer@iaik.at&gt;
+ * @author Martin Schlaeffer &lt;schlaeff@sbox.tugraz.at&gt;
  */
 public interface CK_CREATEMUTEX {
 
     /**
      * Method CK_CREATEMUTEX
      *
-     * @param ppMutex
      * @return The mutex (lock) object.
      * @exception PKCS11Exception
      */

src/windows/classes/sun/security/krb5/internal/tools/Kinit.java

@@ -59,26 +59,25 @@ public class Kinit {
      * We currently support only file-based credentials cache to
      * store the tickets obtained from the KDC.
      * By default, for all Unix platforms a cache file named
-     * /tmp/krb5cc_<uid&gt will be generated. The <uid&gt is the
+     * {@code /tmp/krb5cc_<uid>} will be generated. The {@code <uid>} is the
      * numeric user identifier.
      * For all other platforms, a cache file named
-     * &lt;USER_HOME&gt/krb5cc_&lt;USER_NAME&gt would be generated.
+     * {@code <USER_HOME>/krb5cc_<USER_NAME>} would be generated.
      * <p>
-     * &lt;USER_HOME&gt is obtained from <code>java.lang.System</code>
+     * {@code <USER_HOME>} is obtained from {@code java.lang.System}
      * property <i>user.home</i>.
-     * &lt;USER_NAME&gt is obtained from <code>java.lang.System</code>
+     * {@code <USER_NAME>} is obtained from {@code java.lang.System}
      * property <i>user.name</i>.
-     * If &lt;USER_HOME&gt is null the cache file would be stored in
+     * If {@code <USER_HOME>} is null the cache file would be stored in
      * the current directory that the program is running from.
-     * &lt;USER_NAME&gt is operating system's login username.
+     * {@code <USER_NAME>} is operating system's login username.
      * It could be different from user's principal name.
-     *</p>
-     *<p>
+     * <p>
      * For instance, on Windows NT, it could be
-     * c:\winnt\profiles\duke\krb5cc_duke, in
-     * which duke is the &lt;USER_NAME&gt, and c:\winnt\profile\duke is the
-     * &lt;USER_HOME&gt.
-     *<p>
+     * {@code c:\winnt\profiles\duke\krb5cc_duke}, in
+     * which duke is the {@code <USER_NAME>} and {@code c:\winnt\profile\duke} is the
+     * {@code <USER_HOME>}.
+     * <p>
      * A single user could have multiple principal names,
      * but the primary principal of the credentials cache could only be one,
      * which means one cache file could only store tickets for one
@@ -88,10 +87,8 @@ public class Kinit {
      * To avoid overwriting, you need to specify
      * a different cache file name when you request a
      * new ticket.
-     *</p>
-     *<p>
+     * <p>
      * You can specify the location of the cache file by using the -c option
-     *
      */
 
     public static void main(String[] args) {

src/windows/classes/sun/security/krb5/internal/tools/Klist.java

@@ -71,8 +71,10 @@ public class Klist {
      * <li><b>-n</b>  do not reverse-resolve addresses
      * </ul>
      * available options for keytabs:
+     * <ul>
      * <li><b>-t</b> shows keytab entry timestamps
      * <li><b>-K</b> shows keytab entry DES keys
+     * </ul>
      */
     public static void main(String[] args) {
         Klist klist = new Klist();