On Tue, 29 Sep 2020 03:12:42 GMT, Weijun Wang <wei...@openjdk.org> wrote:
>> Well, allowBER may be false? How about ASN.1/DER/BER? > > I'll just write ASN.1 then. Sure. >> We have to be strict in "sensitive" area such as signatures. The parsing >> code seems to be still mainly DER. It was >> never fully BER, but just some. It's good to keep behavior change minimum as >> this is like a re-write and may already >> have some unintentional changes. > > As this constructor calls another with allowBER=true, I leave the BER word > there. Yes, I understand our impl is not > always precise. To make it so, we need to adjust the callers everywhere to > match the RFCs, but then there will be > compatibility issues. Yes, I agree. ------------- PR: https://git.openjdk.java.net/jdk/pull/232
