Looks good.
--Sean
On 06/24/2013 02:33 PM, Vincent Ryan wrote:
I've updated the webrev to address your comments:
http://cr.openjdk.java.net/~vinnie/8014805/webrev.02/
Thanks.
On 24 Jun 2013, at 16:24, Sean Mullan wrote:
On 06/24/2013 10:38 AM, Vincent Ryan wrote:
Hello all,
The fix to handle Authority Key IDs also applies to Subject Key IDs so I've
duplicated the changes:
http://cr.openjdk.java.net/~vinnie/8014805/webrev.01
1211 subjectKeyId = id.getIdentifier();
Should "id" be "ki"?
Yes.
Also, these 2 methods are not thread-safe, which could cause issues if the same
certificates are used in multiple threads. This is an existing issue with the
methods, but unless this is a demonstrable performance issue, I think you
should change them to not cache the subject/authKeyIds and just generate them
each time the methods are invoked.
Agreed.
--Sean
Thanks.
On 24 Jun 2013, at 12:42, Vincent Ryan wrote:
Thanks.
On 22 Jun 2013, at 01:19, Xuelei Fan wrote:
Looks fine to me.
Xuelei
On 6/21/2013 11:46 PM, Vincent Ryan wrote:
Please review this fix for 7u:
http://cr.openjdk.java.net/~vinnie/8014805/webrev.00/
http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=8014805
It corrects the NPE that occurs when verifying an X.509 cert that has an
Authority Key ID extension
present but it is not in the hash-based format.
This problem does not occur in JDK 8.
Thanks.
