On Fri, 12 Feb 2021 20:42:03 GMT, Hai-May Chao <hc...@openjdk.org> wrote:
>> This change is made for compliance with RFC 5280 section 4.2.1.1 for
>> Authority Key Identifier extension.
>
> Hai-May Chao has updated the pull request incrementally with one additional
> commit since the last revision:
>
> Reduced one param to createV3Extensions
src/java.base/share/classes/sun/security/tools/keytool/Main.java line 1484:
> 1482:
> 1483: KeyIdentifier signerSubjectKeyId;
> 1484: if (subjectPubKey.equals(issuerPubKey)) {
I think in most cases, this equality test will not work as there is no
requirement for PublicKey to override Object.equals, so in most cases this will
just check if they reference the same object. I suggest comparing the encoded
bytes.
-------------
PR: https://git.openjdk.java.net/jdk/pull/2343
