I have re-worked this fix so that our PKIX CertPathValidator implementation detects if a TrustAnchor's DSA key has no parameters *before* using it to verify a signature. This is a cleaner fix, as it turns out there is quite a bit of existing code in JCE that already assumes a DSA key has parameters, and will throw an NPE if it doesn't.
Please review: http://cr.openjdk.java.net/~mullan/webrevs/7187962/webrev.01/ Thanks, Sean On 8/6/12 10:43 AM, Sean Mullan wrote: > Hi Valerie, > > Could you please review this simple fix to > P11DSAKeyFactory.implTranslatePublicKey? > > http://cr.openjdk.java.net/~mullan/webrevs/7187962/webrev.00/ > > Thanks, > Sean >
