Yes, various places assume that the params being non-null since they are
needed for crypto operations.
I think what you have here is the right fix for the particular test failure.
Do you know if Certificate.getPublicKey() is called on a certificate
contains a DSA key whose DSA params should be inherited from the signing
CA, will the returned DSA public key has the necessary params?
Thanks,
Valerie
On 08/09/12 06:53, Sean Mullan wrote:
I have re-worked this fix so that our PKIX CertPathValidator implementation
detects if a TrustAnchor's DSA key has no parameters *before* using it to verify
a signature. This is a cleaner fix, as it turns out there is quite a bit of
existing code in JCE that already assumes a DSA key has parameters, and will
throw an NPE if it doesn't.
Please review:
http://cr.openjdk.java.net/~mullan/webrevs/7187962/webrev.01/
Thanks,
Sean
On 8/6/12 10:43 AM, Sean Mullan wrote:
Hi Valerie,
Could you please review this simple fix to
P11DSAKeyFactory.implTranslatePublicKey?
http://cr.openjdk.java.net/~mullan/webrevs/7187962/webrev.00/
Thanks,
Sean
