RFR 10 (XS): 8184673: Fix compatibility issue in AlgorithmChecker for 3rd party JCE providers

Langer, Christoph Fri, 14 Jul 2017 08:38:17 -0700

Hi,

after the discussion in thread 
http://mail.openjdk.java.net/pipermail/security-dev/2017-July/016068.html, 
please review my proposed change:


Bug: https://bugs.openjdk.java.net/browse/JDK-8184673
Change:

diff -r 76fca9438ee9 -r 9c2438e0a823 
src/java.base/share/classes/sun/security/provider/certpath/AlgorithmChecker.java
--- 
a/src/java.base/share/classes/sun/security/provider/certpath/AlgorithmChecker.java
  Thu Jul 13 13:42:39 2017 +0200
+++ 
b/src/java.base/share/classes/sun/security/provider/certpath/AlgorithmChecker.java
  Fri Jul 14 17:35:36 2017 +0200
@@ -270,7 +270,7 @@

         AlgorithmParameters currSigAlgParams = algorithmId.getParameters();
         PublicKey currPubKey = cert.getPublicKey();
-        String currSigAlg = ((X509Certificate)cert).getSigAlgName();
+        currSigAlg = x509Cert.getSigAlgName();

         // Check the signature algorithm and parameters against constraints.
         if (!constraints.permits(SIGNATURE_PRIMITIVE_SET, currSigAlg,


Thanks and best regards
Christoph

RFR 10 (XS): 8184673: Fix compatibility issue in AlgorithmChecker for 3rd party JCE providers

Reply via email to