Javadoc clean-up and corrections.

Author: kwwall

src/main/java/org/owasp/esapi/SecurityConfiguration.java

@@ -390,12 +390,12 @@ public interface SecurityConfiguration extends EsapiPropertyLoader {
      * especially for any supported cipher mode that is considered a streaming mode
      * (which is basically anything except CBC for modes that support require an IV).
      * For this reason, 'fixed' has now been removed (it was considered <b>deprecated</b>
-     * since release 2.2.0.0). An <b>ESAPI.properties</b> value of {@Code fixed} for the property
-     * {@Code Encryptor.ChooseIVMethod} will now result in a {@Code ConfigurationException}
+     * since release 2.2.0.0). An <b>ESAPI.properties</b> value of {@code fixed} for the property
+     * {@code Encryptor.ChooseIVMethod} will now result in a {@code ConfigurationException}
      * being thrown.
      * 
      * @return A string specifying the IV type. Should be "random". Anything
-     * else should fail with a {@Code ConfigurationException} being thrown.
+     * else should fail with a {@code ConfigurationException} being thrown.
      * 
      * @see #getFixedIV()
      * @deprecated Use SecurityConfiguration.getStringProp("appropriate_esapi_prop_name") instead.

src/main/java/org/owasp/esapi/codecs/Codec.java

@@ -77,8 +77,8 @@ public interface Codec<T> {
 
     /**
      * Returns the decoded version of the next character from the input string and advances the
-     * current character in the PushbackSequence.  If the current character is not encoded, this 
-     * method MUST reset the PushbackString.
+     * current character in the {@code PushbackSequence}.  If the current character is not encoded, this 
+     * method <i>MUST</i> reset the {@code PushbackString}.
      * 
      * @param input    the Character to decode
      * 
@@ -100,10 +100,25 @@ public interface Codec<T> {
      */
     public String getHexForNonAlphanumeric(int c);
 
+    /**
+     * Convert the {@code char} parameter to its octal representation.
+     * @param c the character for which to return the new representation.
+     * @return the octal representation.
+     */
     public String toOctal(char c);
 
+    /**
+     * Convert the {@code char} parameter to its hexadecimal representation.
+     * @param c the character for which to return the new representation.
+     * @return the hexadecimal representation.
+     */
     public String toHex(char c);
 
+    /**
+     * Convert the {@code int} parameter to its hexadecimal representation.
+     * @param c the character for which to return the new representation.
+     * @return the hexadecimal representation.
+     */
     public String toHex(int c);
 
     /**

src/main/java/org/owasp/esapi/codecs/UnixCodec.java

@@ -17,7 +17,7 @@
 
 
 /**
- * Implementation of the Codec interface for '\' encoding from Unix command shell.
+ * Implementation of the {@code Codec} interface for '\' encoding from Unix command shell (bash lineage, not csh lineage).
  * 
  * @author Jeff Williams (jeff.williams .at. aspectsecurity.com) <a
  *         href="http://www.aspectsecurity.com">Aspect Security</a>
@@ -29,9 +29,11 @@ public class UnixCodec extends AbstractCharacterCodec {
     /**
      * {@inheritDoc}
      * 
-     * Returns backslash-encoded character
+     * @return the backslash-encoded character
      *
-     * @param immune
+     * @param immune Array of characters that should not be encoded. Use with caution! All
+     *               alphanumeric characters are "immune" by default so you needn't
+     *               include them.
      */
     public String encodeCharacter( char[] immune, Character c ) {
         char ch = c.charValue();
@@ -53,13 +55,15 @@ public String encodeCharacter( char[] immune, Character c ) {
 
     /**
      * {@inheritDoc}
-     * 
-     * Returns the decoded version of the character starting at index, or
-     * null if no decoding is possible.
+     *
      * <p>
      * Formats all are legal both upper/lower case:
+     * <pre>
      *   \x - all special characters
-     *   
+     * </pre>
+     * 
+     * @return the decoded version of the character starting at index, or
+     * null if no decoding is possible.
      */
     public Character decodeCharacter( PushbackSequence<Character> input ) {
         input.mark();
@@ -79,4 +83,4 @@ public Character decodeCharacter( PushbackSequence<Character> input ) {
         return second;
     }
 
-}
+}

src/main/java/org/owasp/esapi/crypto/CipherText.java

@@ -798,7 +798,7 @@ protected boolean canEqual(Object other) {
      * proved in 1996 [see http://pssic.free.fr/Extra%20Reading/SEC+/SEC+/hmac-cb.pdf] that
      * HMAC security doesn’t require that the underlying hash function be collision resistant,
      * but only that it acts as a pseudo-random function, which SHA1 satisfies.
-     * @param authKey    The {@Code SecretKey} used with the computed HMAC-SHA1
+     * @param authKey    The {@code SecretKey} used with the computed HMAC-SHA1
      * to ensure authenticity.
      * @return The value for the MAC.
      */ 

src/test/java/org/owasp/esapi/reference/ExecutorTest.java

@@ -42,8 +42,6 @@
  */
 public class ExecutorTest extends TestCase {
 
-    private SecurityConfiguration origConfig;
-
     private static class Conf extends SecurityConfigurationWrapper
     {
         private final List allowedExes;